From: Julien Grall <julien.grall@arm.com>
To: Jan Beulich <JBeulich@suse.com>,
Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Stefano Stabellini <sstabellini@kernel.org>,
Wei Liu <wei.liu2@citrix.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
George Dunlap <George.Dunlap@eu.citrix.com>,
Tim Deegan <tim@xen.org>, Ian Jackson <Ian.Jackson@eu.citrix.com>,
xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer
Date: Tue, 9 Apr 2019 11:31:40 +0100 [thread overview]
Message-ID: <e623626e-e07f-fb05-f44b-7b298ea69e09@arm.com> (raw)
In-Reply-To: <5CA467E30200007800224225@prv1-mh.provo.novell.com>
Hi,
On 03/04/2019 08:59, Jan Beulich wrote:
>>>> On 02.04.19 at 19:49, <andrew.cooper3@citrix.com> wrote:
>> On 02/04/2019 17:42, Julien Grall wrote:
>>> diff --git a/xen/arch/arm/early_printk.c b/xen/arch/arm/early_printk.c
>>> index 97466a12b1..35a47c7229 100644
>>> --- a/xen/arch/arm/early_printk.c
>>> +++ b/xen/arch/arm/early_printk.c
>>> @@ -17,9 +17,10 @@
>>> void early_putch(char c);
>>> void early_flush(void);
>>>
>>> -void early_puts(const char *s)
>>> +void early_puts(const char *s, unsigned int nr)
>>
>> size_t here and elsewhere please, because...
>>
>>> @@ -666,16 +664,16 @@ static bool_t console_locks_busted;
>>>
>>> static void __putstr(const char *str)
>>> {
>>> + size_t len = strlen(str);
>>> +
>>> ASSERT(spin_is_locked(&console_lock));
>>>
>>> - sercon_puts(str);
>>> - video_puts(str);
>>> + sercon_puts(str, len);
>>> + video_puts(str, len);
>>
>> ... this introduces a truncation bug for 64bit builds.
>>
>> I don't expect a 4G buffer to be passed, but it is not worth introducing
>> the possibility for such a subtle bug in the first place.
>
> I don't entirely object to what you say, but I also don't think
> running into a truncation situation here would be an actual
> problem: Consider how long it would take to get out such a
> giant string, not to speak of it going to wrap our internal ring
> buffers many times. Looking at it from that angle, truncation
> may actually beneficial here;
Truncation could be done explicitly in *_puts functions if necessary. So I will
switch to size_t as suggested by Andrew.
> "len" may want to be unsigned int
> as well then. do_console_io()'s "count" is "int" as well (should
> really be "unsigned int" imo, just like "cmd").
I will look at writing a patch to switch do_console_io() to unsigned int.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
WARNING: multiple messages have this Message-ID (diff)
From: Julien Grall <julien.grall@arm.com>
To: Jan Beulich <JBeulich@suse.com>,
Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Stefano Stabellini <sstabellini@kernel.org>,
Wei Liu <wei.liu2@citrix.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
George Dunlap <George.Dunlap@eu.citrix.com>,
Tim Deegan <tim@xen.org>, Ian Jackson <Ian.Jackson@eu.citrix.com>,
xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: [Xen-devel] [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer
Date: Tue, 9 Apr 2019 11:31:40 +0100 [thread overview]
Message-ID: <e623626e-e07f-fb05-f44b-7b298ea69e09@arm.com> (raw)
Message-ID: <20190409103140.hcOH7rZTWe-2eEnNWDyvKigcsW176QL-qSKXun4Duc4@z> (raw)
In-Reply-To: <5CA467E30200007800224225@prv1-mh.provo.novell.com>
Hi,
On 03/04/2019 08:59, Jan Beulich wrote:
>>>> On 02.04.19 at 19:49, <andrew.cooper3@citrix.com> wrote:
>> On 02/04/2019 17:42, Julien Grall wrote:
>>> diff --git a/xen/arch/arm/early_printk.c b/xen/arch/arm/early_printk.c
>>> index 97466a12b1..35a47c7229 100644
>>> --- a/xen/arch/arm/early_printk.c
>>> +++ b/xen/arch/arm/early_printk.c
>>> @@ -17,9 +17,10 @@
>>> void early_putch(char c);
>>> void early_flush(void);
>>>
>>> -void early_puts(const char *s)
>>> +void early_puts(const char *s, unsigned int nr)
>>
>> size_t here and elsewhere please, because...
>>
>>> @@ -666,16 +664,16 @@ static bool_t console_locks_busted;
>>>
>>> static void __putstr(const char *str)
>>> {
>>> + size_t len = strlen(str);
>>> +
>>> ASSERT(spin_is_locked(&console_lock));
>>>
>>> - sercon_puts(str);
>>> - video_puts(str);
>>> + sercon_puts(str, len);
>>> + video_puts(str, len);
>>
>> ... this introduces a truncation bug for 64bit builds.
>>
>> I don't expect a 4G buffer to be passed, but it is not worth introducing
>> the possibility for such a subtle bug in the first place.
>
> I don't entirely object to what you say, but I also don't think
> running into a truncation situation here would be an actual
> problem: Consider how long it would take to get out such a
> giant string, not to speak of it going to wrap our internal ring
> buffers many times. Looking at it from that angle, truncation
> may actually beneficial here;
Truncation could be done explicitly in *_puts functions if necessary. So I will
switch to size_t as suggested by Andrew.
> "len" may want to be unsigned int
> as well then. do_console_io()'s "count" is "int" as well (should
> really be "unsigned int" imo, just like "cmd").
I will look at writing a patch to switch do_console_io() to unsigned int.
Cheers,
--
Julien Grall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2019-04-09 10:31 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-02 16:42 [PATCH 0/4] xen/console: Bug fixes and doc improvement Julien Grall
2019-04-02 16:42 ` [PATCH 1/4] xen/console: Properly buffer domU output when using CONSOLEIO_write Julien Grall
2019-04-03 11:41 ` Wei Liu
2019-04-09 10:25 ` Julien Grall
2019-04-09 10:25 ` [Xen-devel] " Julien Grall
2019-04-02 16:42 ` [PATCH 2/4] xen/console: Don't treat NUL character as the end of the buffer Julien Grall
2019-04-02 17:49 ` Andrew Cooper
2019-04-03 7:59 ` Jan Beulich
2019-04-09 10:31 ` Julien Grall [this message]
2019-04-09 10:31 ` [Xen-devel] " Julien Grall
2019-04-05 10:00 ` Jan Beulich
2019-04-05 10:00 ` [Xen-devel] " Jan Beulich
2019-04-05 10:21 ` Julien Grall
2019-04-05 10:21 ` [Xen-devel] " Julien Grall
2019-04-05 10:26 ` Jan Beulich
2019-04-05 10:26 ` [Xen-devel] " Jan Beulich
2019-04-16 20:33 ` Stefano Stabellini
2019-04-16 20:33 ` [Xen-devel] " Stefano Stabellini
2019-08-05 11:40 ` Julien Grall
2019-04-02 16:42 ` [PATCH 3/4] xen/public: Document HYPERCALL_console_io() Julien Grall
2019-04-03 11:41 ` Wei Liu
2019-04-03 13:04 ` Jan Beulich
2019-04-09 11:26 ` Julien Grall
2019-04-09 11:26 ` [Xen-devel] " Julien Grall
2019-04-09 11:42 ` Jan Beulich
2019-04-09 11:42 ` [Xen-devel] " Jan Beulich
2019-04-16 9:54 ` Julien Grall
2019-04-16 9:54 ` [Xen-devel] " Julien Grall
2019-04-25 10:09 ` Jan Beulich
2019-04-25 10:09 ` [Xen-devel] " Jan Beulich
2019-04-16 10:29 ` Ian Jackson
2019-04-16 10:29 ` [Xen-devel] " Ian Jackson
2019-08-05 9:40 ` Julien Grall
2019-08-05 10:07 ` Jan Beulich
2019-08-05 10:17 ` Julien Grall
2019-08-05 10:21 ` Jan Beulich
2019-04-16 20:42 ` Stefano Stabellini
2019-04-16 20:42 ` [Xen-devel] " Stefano Stabellini
2019-04-02 16:42 ` [PATCH 4/4] xen/console: Simplify domU console handling in guest_console_write Julien Grall
2019-04-03 11:42 ` Wei Liu
2019-04-16 20:48 ` Stefano Stabellini
2019-04-16 20:48 ` [Xen-devel] " Stefano Stabellini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e623626e-e07f-fb05-f44b-7b298ea69e09@arm.com \
--to=julien.grall@arm.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=JBeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=konrad.wilk@oracle.com \
--cc=sstabellini@kernel.org \
--cc=tim@xen.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.