qemu-devel.nongnu.org archive mirror
* [PATCH] linux-user: allow NULL msg in recvfrom
@ 2021-03-26  4:05 Zach Reizner
  2021-03-26  9:07 ` Laurent Vivier
  2021-03-26 13:23 ` Laurent Vivier
  0 siblings, 2 replies; 5+ messages in thread
From: Zach Reizner @ 2021-03-26  4:05 UTC (permalink / raw)
  To: qemu-devel; +Cc: Laurent Vivier

The kernel allows a NULL msg in recvfrom so that the size of the next
message may be queried before allocating a correctly sized buffer. This
change allows the syscall translator to pass along the NULL msg pointer
instead of returning early with EFAULT.

Signed-off-by: Zach Reizner <zachr@google.com>
---
 linux-user/syscall.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 1e508576c7..332544b43c 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -3680,8 +3680,6 @@ static abi_long do_recvfrom(int fd, abi_ulong
msg, size_t len, int flags,
     abi_long ret;

     host_msg = lock_user(VERIFY_WRITE, msg, len, 0);
-    if (!host_msg)
-        return -TARGET_EFAULT;
     if (target_addr) {
         if (get_user_u32(addrlen, target_addrlen)) {
             ret = -TARGET_EFAULT;
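Review bot: with the "if (!host_msg)" check removed, the result of lock_user(VERIFY_WRITE, msg, len, 0) is used unchecked, so a non-NULL msg that lock_user fails to map is now handled exactly like a NULL msg instead of returning -TARGET_EFAULT. Test the guest value rather than the host pointer: skip lock_user only when msg is 0, and keep the -TARGET_EFAULT return for a NULL host_msg when msg is non-zero.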
-- 
2.31.0.291.g576ba9dcdaf-goog
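
The size-query pattern the commit message describes, as an added example that is not part of the original post or of QEMU: a Linux program passes a NULL buffer to recvfrom to learn the length of the next datagram, then allocates and reads it. The MSG_PEEK | MSG_TRUNC flags, the AF_UNIX socketpair and the helper names are choices made for this example; the payload is constructed.

```c
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Size query: NULL buffer, zero length. MSG_TRUNC reports the real datagram
 * length; MSG_PEEK leaves the datagram queued for the real read. */
static ssize_t next_datagram_size(int fd)
{
    return recvfrom(fd, NULL, 0, MSG_PEEK | MSG_TRUNC, NULL, NULL);
}

/* Read one whole datagram into a buffer sized by the query (caller frees). */
static char *recv_exact(int fd, size_t *out_len)
{
    ssize_t need = next_datagram_size(fd);
    if (need < 0)
        return NULL;
    char *buf = malloc(need > 0 ? (size_t)need : 1);
    if (!buf)
        return NULL;
    ssize_t got = recvfrom(fd, buf, (size_t)need, 0, NULL, NULL);
    if (got != need) { free(buf); return NULL; }
    *out_len = (size_t)got;
    return buf;
}

/* Constructed round trip over a local socketpair; returns bytes received
 * when they match the payload, -1 otherwise. */
static long demo_roundtrip(const char *payload)
{
    int sv[2];
    size_t n = strlen(payload), len = 0;
    long result = -1;
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0)
        return -1;
    if (send(sv[0], payload, n, 0) == (ssize_t)n) {
        char *buf = recv_exact(sv[1], &len);
        if (buf && len == n && memcmp(buf, payload, n) == 0)
            result = (long)len;
        free(buf);
    }
    close(sv[0]);
    close(sv[1]);
    return result;
}

int main(void)
{
    return demo_roundtrip("constructed sample datagram") == 27 ? 0 : 1;
}
```

A syscall translator that rejects every NULL msg with EFAULT makes the first recvfrom call here fail before the host kernel ever sees it.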



* Re: [PATCH] linux-user: allow NULL msg in recvfrom
  2021-03-26  4:05 [PATCH] linux-user: allow NULL msg in recvfrom Zach Reizner
@ 2021-03-26  9:07 ` Laurent Vivier
  2021-03-26 13:23 ` Laurent Vivier
  1 sibling, 0 replies; 5+ messages in thread
From: Laurent Vivier @ 2021-03-26  9:07 UTC (permalink / raw)
  To: Zach Reizner, qemu-devel

On 26/03/2021 at 05:05, Zach Reizner wrote:
> The kernel allows a NULL msg in recvfrom so that the size of the next
> message may be queried before allocating a correctly sized buffer. This
> change allows the syscall translator to pass along the NULL msg pointer
> instead of returning early with EFAULT.
> 
> Signed-off-by: Zach Reizner <zachr@google.com>
> ---
>  linux-user/syscall.c | 2 --
>  1 file changed, 2 deletions(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 1e508576c7..332544b43c 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -3680,8 +3680,6 @@ static abi_long do_recvfrom(int fd, abi_ulong
> msg, size_t len, int flags,
>      abi_long ret;
> 
>      host_msg = lock_user(VERIFY_WRITE, msg, len, 0);
> -    if (!host_msg)
> -        return -TARGET_EFAULT;
>      if (target_addr) {
>          if (get_user_u32(addrlen, target_addrlen)) {
>              ret = -TARGET_EFAULT;
> 
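Review bot: once the two lines after lock_user(VERIFY_WRITE, msg, len, 0) are deleted, nothing at that call says that a NULL host_msg is now an expected value for the rest of do_recvfrom. Add a short comment there stating that a NULL msg is accepted so the guest can query the size of the next message, so the absent check does not read as an oversight.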

Reviewed-by: Laurent Vivier <laurent@vivier.eu>



* Re: [PATCH] linux-user: allow NULL msg in recvfrom
  2021-03-26  4:05 [PATCH] linux-user: allow NULL msg in recvfrom Zach Reizner
  2021-03-26  9:07 ` Laurent Vivier
@ 2021-03-26 13:23 ` Laurent Vivier
  2021-03-26 13:28   ` Peter Maydell
  1 sibling, 1 reply; 5+ messages in thread
From: Laurent Vivier @ 2021-03-26 13:23 UTC (permalink / raw)
  To: Zach Reizner, qemu-devel

On 26/03/2021 at 05:05, Zach Reizner wrote:
> The kernel allows a NULL msg in recvfrom so that the size of the next
> message may be queried before allocating a correctly sized buffer. This
> change allows the syscall translator to pass along the NULL msg pointer
> instead of returning early with EFAULT.
> 
> Signed-off-by: Zach Reizner <zachr@google.com>
> ---
>  linux-user/syscall.c | 2 --
>  1 file changed, 2 deletions(-)
> 
> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> index 1e508576c7..332544b43c 100644
> --- a/linux-user/syscall.c
> +++ b/linux-user/syscall.c
> @@ -3680,8 +3680,6 @@ static abi_long do_recvfrom(int fd, abi_ulong
> msg, size_t len, int flags,
>      abi_long ret;
> 
>      host_msg = lock_user(VERIFY_WRITE, msg, len, 0);
> -    if (!host_msg)
> -        return -TARGET_EFAULT;
>      if (target_addr) {
>          if (get_user_u32(addrlen, target_addrlen)) {
>              ret = -TARGET_EFAULT;
> 

Applied to my linux-user-for-6.0 branch

Thanks,
Laurent



* Re: [PATCH] linux-user: allow NULL msg in recvfrom
  2021-03-26 13:23 ` Laurent Vivier
@ 2021-03-26 13:28   ` Peter Maydell
  2021-03-26 13:36     ` Laurent Vivier
  0 siblings, 1 reply; 5+ messages in thread
From: Peter Maydell @ 2021-03-26 13:28 UTC (permalink / raw)
  To: Laurent Vivier; +Cc: Zach Reizner, QEMU Developers

On Fri, 26 Mar 2021 at 13:24, Laurent Vivier <laurent@vivier.eu> wrote:
>
> On 26/03/2021 at 05:05, Zach Reizner wrote:
> > The kernel allows a NULL msg in recvfrom so that the size of the next
> > message may be queried before allocating a correctly sized buffer. This
> > change allows the syscall translator to pass along the NULL msg pointer
> > instead of returning early with EFAULT.
> >
> > Signed-off-by: Zach Reizner <zachr@google.com>
> > ---
> >  linux-user/syscall.c | 2 --
> >  1 file changed, 2 deletions(-)
> >
> > diff --git a/linux-user/syscall.c b/linux-user/syscall.c
> > index 1e508576c7..332544b43c 100644
> > --- a/linux-user/syscall.c
> > +++ b/linux-user/syscall.c
> > @@ -3680,8 +3680,6 @@ static abi_long do_recvfrom(int fd, abi_ulong
> > msg, size_t len, int flags,
> >      abi_long ret;
> >
> >      host_msg = lock_user(VERIFY_WRITE, msg, len, 0);
> > -    if (!host_msg)
> > -        return -TARGET_EFAULT;
> >      if (target_addr) {
> >          if (get_user_u32(addrlen, target_addrlen)) {
> >              ret = -TARGET_EFAULT;
> >
>
> Applied to my linux-user-for-6.0 branch

Doesn't this mean we'll now incorrectly treat "guest passed
a bad address" the same as "guest passed NULL" ? lock_user()
returns NULL for errors, so if you need to handle NULL input
specially you want something like

   if (!msg) {
       host_msg = NULL;
   } else {
       host_msg = lock_user(VERIFY_WRITE, msg, len, 0);
       if (!host_msg) {
           return -TARGET_EFAULT;
       }
   }

I think ?

thanks
-- PMM



* Re: [PATCH] linux-user: allow NULL msg in recvfrom
  2021-03-26 13:28   ` Peter Maydell
@ 2021-03-26 13:36     ` Laurent Vivier
  0 siblings, 0 replies; 5+ messages in thread
From: Laurent Vivier @ 2021-03-26 13:36 UTC (permalink / raw)
  To: Peter Maydell; +Cc: Zach Reizner, QEMU Developers

On 26/03/2021 at 14:28, Peter Maydell wrote:
> On Fri, 26 Mar 2021 at 13:24, Laurent Vivier <laurent@vivier.eu> wrote:
>>
>> On 26/03/2021 at 05:05, Zach Reizner wrote:
>>> The kernel allows a NULL msg in recvfrom so that the size of the next
>>> message may be queried before allocating a correctly sized buffer. This
>>> change allows the syscall translator to pass along the NULL msg pointer
>>> instead of returning early with EFAULT.
>>>
>>> Signed-off-by: Zach Reizner <zachr@google.com>
>>> ---
>>>  linux-user/syscall.c | 2 --
>>>  1 file changed, 2 deletions(-)
>>>
>>> diff --git a/linux-user/syscall.c b/linux-user/syscall.c
>>> index 1e508576c7..332544b43c 100644
>>> --- a/linux-user/syscall.c
>>> +++ b/linux-user/syscall.c
>>> @@ -3680,8 +3680,6 @@ static abi_long do_recvfrom(int fd, abi_ulong
>>> msg, size_t len, int flags,
>>>      abi_long ret;
>>>
>>>      host_msg = lock_user(VERIFY_WRITE, msg, len, 0);
>>> -    if (!host_msg)
>>> -        return -TARGET_EFAULT;
>>>      if (target_addr) {
>>>          if (get_user_u32(addrlen, target_addrlen)) {
>>>              ret = -TARGET_EFAULT;
>>>
>>
>> Applied to my linux-user-for-6.0 branch
> 
> Doesn't this mean we'll now incorrectly treat "guest passed
> a bad address" the same as "guest passed NULL" ? lock_user()
> returns NULL for errors, so if you need to handle NULL input
> specially you want something like
> 
>    if (!msg) {
>        host_msg = NULL;
>    } else {
>        host_msg = lock_user(VERIFY_WRITE, msg, len, 0);
>        if (!host_msg) {
>            return -TARGET_EFAULT;
>        }
>    }
> 
> I think ?

Yes, you're right.

Zach, could you update your patch?

Thanks,
Laurent


