From: Juergen Gross <jgross@suse.com>
To: xen-devel@lists.xenproject.org, linuxppc-dev@lists.ozlabs.org,
linux-kernel@vger.kernel.org
Cc: Juergen Gross <jgross@suse.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Jiri Slaby <jirislaby@kernel.org>
Subject: [PATCH 8/8] xen/hvc: replace BUG_ON() with negative return value
Date: Thu, 13 May 2021 12:03:02 +0200 [thread overview]
Message-ID: <20210513100302.22027-9-jgross@suse.com> (raw)
In-Reply-To: <20210513100302.22027-1-jgross@suse.com>
Xen frontends shouldn't BUG() in case of illegal data received from
their backends. So replace the BUG_ON()s when reading illegal data from
the ring page with negative return values.
Signed-off-by: Juergen Gross <jgross@suse.com>
---
drivers/tty/hvc/hvc_xen.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/drivers/tty/hvc/hvc_xen.c b/drivers/tty/hvc/hvc_xen.c
index 92c9a476defc..30d7ffb1e04c 100644
--- a/drivers/tty/hvc/hvc_xen.c
+++ b/drivers/tty/hvc/hvc_xen.c
@@ -86,6 +86,11 @@ static int __write_console(struct xencons_info *xencons,
cons = intf->out_cons;
prod = intf->out_prod;
mb(); /* update queue values before going on */
+
+ if (WARN_ONCE((prod - cons) > sizeof(intf->out),
+ "Illegal ring page indices"))
+ return -EINVAL;
+
BUG_ON((prod - cons) > sizeof(intf->out));
while ((sent < len) && ((prod - cons) < sizeof(intf->out)))
@@ -114,7 +119,10 @@ static int domU_write_console(uint32_t vtermno, const char *data, int len)
*/
while (len) {
int sent = __write_console(cons, data, len);
-
+
+ if (sent < 0)
+ return sent;
+
data += sent;
len -= sent;
@@ -138,7 +146,10 @@ static int domU_read_console(uint32_t vtermno, char *buf, int len)
cons = intf->in_cons;
prod = intf->in_prod;
mb(); /* get pointers before reading ring */
- BUG_ON((prod - cons) > sizeof(intf->in));
+
+ if (WARN_ONCE((prod - cons) > sizeof(intf->in),
+ "Illegal ring page indices"))
+ return -EINVAL;
while (cons != prod && recv < len)
buf[recv++] = intf->in[MASK_XENCONS_IDX(cons++, intf->in)];
--
2.26.2
next prev parent reply other threads:[~2021-05-13 10:06 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-05-13 10:02 [PATCH 0/8] xen: harden frontends against malicious backends Juergen Gross
2021-05-13 10:02 ` Juergen Gross
2021-05-13 10:02 ` [PATCH 1/8] xen: sync include/xen/interface/io/ring.h with Xen's newest version Juergen Gross
2021-05-13 10:02 ` [PATCH 2/8] xen/blkfront: read response from backend only once Juergen Gross
2021-05-17 13:50 ` Jan Beulich
2021-05-13 10:02 ` [PATCH 3/8] xen/blkfront: don't take local copy of a request from the ring page Juergen Gross
2021-05-17 14:01 ` Jan Beulich
2021-05-17 14:11 ` Juergen Gross
2021-05-13 10:02 ` [PATCH 4/8] xen/blkfront: don't trust the backend response data blindly Juergen Gross
2021-05-17 14:11 ` Jan Beulich
2021-05-17 14:23 ` Juergen Gross
2021-05-17 15:12 ` Jan Beulich
2021-05-17 15:22 ` Juergen Gross
2021-05-17 15:33 ` Jan Beulich
2021-07-08 5:47 ` Juergen Gross
2021-07-08 6:37 ` Jan Beulich
2021-07-08 6:40 ` Juergen Gross
2021-07-08 6:52 ` Jan Beulich
2021-07-08 6:56 ` Juergen Gross
2021-05-13 10:02 ` [PATCH 5/8] xen/netfront: read response from backend only once Juergen Gross
2021-05-17 14:20 ` Jan Beulich
2021-05-17 14:24 ` Juergen Gross
2021-05-13 10:03 ` [PATCH 6/8] xen/netfront: don't read data from request on the ring page Juergen Gross
2021-05-17 15:08 ` Jan Beulich
2021-05-13 10:03 ` [PATCH 7/8] xen/netfront: don't trust the backend response data blindly Juergen Gross
2021-05-17 15:31 ` Jan Beulich
2021-05-13 10:03 ` Juergen Gross [this message]
2021-05-13 10:16 ` [PATCH 8/8] xen/hvc: replace BUG_ON() with negative return value Christophe Leroy
2021-05-13 10:20 ` Juergen Gross
2021-05-13 10:25 ` Greg Kroah-Hartman
2021-05-13 10:35 ` Juergen Gross
2021-05-21 10:43 ` [PATCH 0/8] xen: harden frontends against malicious backends Marek Marczykowski-Górecki
2021-05-21 10:43 ` Marek Marczykowski-Górecki
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210513100302.22027-9-jgross@suse.com \
--to=jgross@suse.com \
--cc=gregkh@linuxfoundation.org \
--cc=jirislaby@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linuxppc-dev@lists.ozlabs.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.