From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <JBeulich@suse.com>,
Jennifer Herbert <Jennifer.Herbert@citrix.com>
Cc: Julien Grall <julien.grall@arm.com>,
Paul Durrant <paul.durrant@citrix.com>,
Xen-devel <xen-devel@lists.xen.org>
Subject: Re: [PATCH v8 for-4.9 3/5] hvm/dmop: Implement copy_{to, from}_guest_buf() in terms of raw accessors
Date: Fri, 21 Apr 2017 17:10:19 +0100 [thread overview]
Message-ID: <9d78b09d-7582-8f03-f796-0b7615c4be06@citrix.com> (raw)
In-Reply-To: <58FA4527020000780015310E@prv-mh.provo.novell.com>
On 21/04/17 16:45, Jan Beulich wrote:
>>>> On 21.04.17 at 16:05, <jennifer.herbert@citrix.com> wrote:
>> +#define COPY_FROM_GUEST_BUF(dst, args, buf_idx) \
>> + _raw_copy_from_guest_buf(&dst, args, buf_idx, sizeof(dst))
>> +
>> +#define COPY_TO_GUEST_BUF(args, buf_idx, src) \
>> + _raw_copy_to_guest_buf(args, buf_idx, &src, sizeof(src))
> Why all caps all of the sudden?
This is the start of some code improvements, given the fallout from XSA-212.
This macro is not a C function and doesn't behave like one
(specifically, capturing src by name rather than value). Therefore, it
gets ALL_CAPS() (which is actually traditional for any macro in C) to
make it more obvious to people reading the code that it *is not* a C
function and doesn't behave like one.
It is getting embarrassing how many security vulnerability we are seeing
because macros look like they are doing one thing, yet actually do
something else, and improving the quality of the code is the only way
this is going to get better.
Therefore, I am going to insist that they stay like this.
~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-04-21 16:10 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-21 14:05 [PATCH v8 for-4.9 1/5] hvm/dmop: Box dmop_args rather than passing multiple parameters around jennifer.herbert
2017-04-21 14:05 ` [PATCH v8 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, to}_guest for a buffer not big enough an error jennifer.herbert
2017-04-21 14:09 ` Paul Durrant
2017-04-21 14:05 ` [PATCH v8 for-4.9 3/5] hvm/dmop: Implement copy_{to, from}_guest_buf() in terms of raw accessors jennifer.herbert
2017-04-21 14:11 ` Paul Durrant
2017-04-21 15:45 ` Jan Beulich
2017-04-21 16:10 ` Andrew Cooper [this message]
2017-04-24 8:19 ` Jan Beulich
2017-04-25 20:03 ` Andrew Cooper
2017-04-26 7:37 ` Jan Beulich
2017-04-26 7:46 ` Jan Beulich
2017-04-21 14:05 ` [PATCH v8 for-4.9 4/5] hvm/dmop: Implement copy_{to, from}_guest_buf_offset() helpers jennifer.herbert
2017-04-21 15:46 ` Jan Beulich
2017-04-21 14:05 ` [PATCH v8 for-4.9 5/5] dmop: Add xendevicemodel_modified_memory_bulk() jennifer.herbert
2017-04-21 14:17 ` [PATCH v8 for-4.9 1/5] hvm/dmop: Box dmop_args rather than passing multiple parameters around Julien Grall
2017-04-21 14:42 ` Andrew Cooper
2017-04-21 14:44 ` Jennifer Herbert
2017-04-24 10:23 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9d78b09d-7582-8f03-f796-0b7615c4be06@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=JBeulich@suse.com \
--cc=Jennifer.Herbert@citrix.com \
--cc=julien.grall@arm.com \
--cc=paul.durrant@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.