From: Peter Maydell <peter.maydell@linaro.org>
To: qemu-devel@nongnu.org
Subject: [PULL 15/45] linux-user: Check for overflow in access_ok
Date: Thu, 11 Feb 2021 12:58:30 +0000
Message-ID: <20210211125900.22777-16-peter.maydell@linaro.org>
In-Reply-To: <20210211125900.22777-1-peter.maydell@linaro.org>

From: Richard Henderson <richard.henderson@linaro.org>

Verify that addr + size - 1 does not wrap around.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20210210000223.884088-7-richard.henderson@linaro.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 linux-user/qemu.h | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/linux-user/qemu.h b/linux-user/qemu.h
index 17aa9921657..441ba6a78bb 100644
--- a/linux-user/qemu.h
+++ b/linux-user/qemu.h
@@ -491,12 +491,19 @@ extern unsigned long guest_stack_size;
 #define VERIFY_READ 0
 #define VERIFY_WRITE 1 /* implies read access */
 
-static inline int access_ok(int type, abi_ulong addr, abi_ulong size)
+static inline bool access_ok(int type, abi_ulong addr, abi_ulong size)
 {
-    return guest_addr_valid(addr) &&
-           (size == 0 || guest_addr_valid(addr + size - 1)) &&
-           page_check_range((target_ulong)addr, size,
-                            (type == VERIFY_READ) ? PAGE_READ : (PAGE_READ | PAGE_WRITE)) == 0;
+    if (!guest_addr_valid(addr)) {
+        return false;
+    }
+    if (size != 0 &&
+        (addr + size - 1 < addr ||
+         !guest_addr_valid(addr + size - 1))) {
+        return false;
+    }
+    return page_check_range((target_ulong)addr, size,
+                            (type == VERIFY_READ) ? PAGE_READ :
+                            (PAGE_READ | PAGE_WRITE)) == 0;
 }
 
 /* NOTE __get_user and __put_user use host pointers and don't check access.
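Review bot: In the new `size != 0` branch, `addr + size - 1` is computed twice and the wrap test `addr + size - 1 < addr` is only correct because `abi_ulong` arithmetic is unsigned, which nothing in the function says. Consider hoisting it into a local, for example `abi_ulong last = addr + size - 1;`, and testing `last < addr || !guest_addr_valid(last)`, with a one-line comment that the checked range is inclusive and that `size == 0` is accepted on a valid `addr` alone. Separately, `page_check_range((target_ulong)addr, size, ...)` still receives the start and length rather than the validated last address, so whatever end calculation it performs is not covered by this check as far as these lines show; it is worth confirming it handles the same boundary case. The `int` to `bool` return type change looks fine for callers that only test truthiness.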
-- 
2.20.1


