xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Jan Beulich <jbeulich@suse.com>
To: "Jürgen Groß" <jgross@suse.com>
Cc: "Stefano Stabellini" <sstabellini@kernel.org>,
	"Julien Grall" <julien@xen.org>, "Wei Liu" <wl@xen.org>,
	"Andrew Cooper" <andrew.cooper3@citrix.com>,
	"Ian Jackson" <ian.jackson@eu.citrix.com>,
	"George Dunlap" <george.dunlap@citrix.com>,
	xen-devel@lists.xenproject.org,
	"Daniel De Graaf" <dgdegra@tycho.nsa.gov>,
	"Volodymyr Babchuk" <Volodymyr_Babchuk@epam.com>,
	"Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [PATCH v7 04/12] xen: add basic hypervisor filesystem support
Date: Fri, 3 Apr 2020 17:31:37 +0200	[thread overview]
Message-ID: <1b83570b-17ac-9da4-cfee-fbd44c7d3edf@suse.com> (raw)
In-Reply-To: <d454afb8-40ff-c8a4-7a5a-6f8f4f4f0e4a@suse.com>

On 03.04.2020 17:05, Jürgen Groß wrote:
> On 03.04.20 16:23, Jan Beulich wrote:
>> On 02.04.2020 17:46, Juergen Gross wrote:
>>> +int hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
>>> +                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned long ulen)
>>> +{
>>> +    char *buf;
>>> +    int ret;
>>> +
>>> +    if ( leaf->e.type != XEN_HYPFS_TYPE_STRING &&
>>> +         leaf->e.type != XEN_HYPFS_TYPE_BLOB && ulen != leaf->e.size )
>>> +        return -EDOM;
>>> +
>>> +    buf = xmalloc_array(char, ulen);
>>> +    if ( !buf )
>>> +        return -ENOMEM;
>>> +
>>> +    ret = -EFAULT;
>>> +    if ( copy_from_guest(buf, uaddr, ulen) )
>>> +        goto out;
>>> +
>>> +    ret = -EINVAL;
>>> +    if ( leaf->e.type == XEN_HYPFS_TYPE_STRING &&
>>> +         memchr(buf, 0, ulen) != (buf + ulen - 1) )
>>> +        goto out;
>>> +
>>> +    ret = 0;
>>> +    memcpy(leaf->write_ptr, buf, ulen);
>>> +    leaf->e.size = ulen;
>>> +
>>> + out:
>>> +    xfree(buf);
>>> +    return ret;
>>> +}
>>> +
>>> +int hypfs_write_bool(struct hypfs_entry_leaf *leaf,
>>> +                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned long ulen)
>>> +{
>>> +    bool buf;
>>> +
>>> +    ASSERT(leaf->e.type == XEN_HYPFS_TYPE_BOOL && leaf->e.size == sizeof(bool));
>>> +
>>> +    if ( ulen != leaf->e.max_size )
>>
>> Why max_size here when the ASSERT() checks size?
> 
> Just for consistency with the other write functions.

In which case perhaps extend the ASSERT() to also check max_size?

>>> +static int hypfs_write(struct hypfs_entry *entry,
>>> +                       XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned long ulen)
>>> +{
>>> +    struct hypfs_entry_leaf *l;
>>> +
>>> +    if ( !entry->write )
>>> +        return -EACCES;
>>> +
>>> +    if ( ulen > entry->max_size )
>>> +        return -ENOSPC;
>>
>> max_size being zero for non-writable entries, perhaps use -EACCES
>> also for this special case? Together with the other comment above,
>> maybe the ->write check wants replacing this way?
> 
> Checking the write function being not NULL is a nice security addon,
> as I avoid to call into a non existing function. Basically both tests
> would be equivalent, but this one is IMO better to avoid crashes.

In which case perhaps ASSERT(entry->max_size) between the two if()s?

Jan


  reply	other threads:[~2020-04-03 15:32 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-04-02 15:46 [PATCH v7 00/12] Add hypervisor sysfs-like support Juergen Gross
2020-04-02 15:46 ` [PATCH v7 01/12] xen/vmx: let opt_ept_ad always reflect the current setting Juergen Gross
2020-04-03 14:05   ` Jan Beulich
2020-04-03 14:56     ` Jürgen Groß
2020-04-02 15:46 ` [PATCH v7 02/12] xen: add a generic way to include binary files as variables Juergen Gross
2020-04-02 15:46 ` [PATCH v7 03/12] docs: add feature document for Xen hypervisor sysfs-like support Juergen Gross
2020-04-27 13:55   ` George Dunlap
2020-05-07 11:17     ` Jürgen Groß
2020-04-02 15:46 ` [PATCH v7 04/12] xen: add basic hypervisor filesystem support Juergen Gross
2020-04-03 14:23   ` Jan Beulich
2020-04-03 15:05     ` Jürgen Groß
2020-04-03 15:31       ` Jan Beulich [this message]
2020-04-03 15:33         ` Jürgen Groß
2020-04-02 15:46 ` [PATCH v7 05/12] libs: add libxenhypfs Juergen Gross
2020-04-27 14:53   ` George Dunlap
2020-05-07 11:35     ` Jürgen Groß
2020-04-02 15:46 ` [PATCH v7 06/12] tools: add xenfs tool Juergen Gross
2020-04-02 15:46 ` [PATCH v7 07/12] xen: provide version information in hypfs Juergen Gross
2020-04-02 15:46 ` [PATCH v7 08/12] xen: add /buildinfo/config entry to hypervisor filesystem Juergen Gross
2020-04-03 14:31   ` Jan Beulich
2020-04-03 15:12     ` Jürgen Groß
2020-04-03 15:33       ` Jan Beulich
2020-04-03 15:45         ` Jürgen Groß
2020-04-06 12:29           ` Jan Beulich
2020-04-27 15:40             ` Jürgen Groß
2020-04-27 16:25               ` George Dunlap
2020-04-28  7:20                 ` Jan Beulich
2020-04-28  8:24                   ` George Dunlap
2020-04-28  8:39                     ` Jan Beulich
2020-04-28  9:43                       ` Julien Grall
2020-04-28  9:59                         ` Jan Beulich
2020-04-28 10:06                           ` Julien Grall
2020-04-28 11:23                       ` George Dunlap
2020-04-28 11:30                         ` Jürgen Groß
2020-04-02 15:46 ` [PATCH v7 09/12] xen: add runtime parameter access support to hypfs Juergen Gross
2020-04-03 14:51   ` Jan Beulich
2020-04-03 15:31     ` Jürgen Groß
2020-04-14  9:29       ` Julien Grall
2020-04-14  9:31         ` Jan Beulich
2020-04-14  9:45           ` Julien Grall
2020-04-14  9:50             ` Jan Beulich
2020-04-14 10:38               ` Julien Grall
2020-04-02 15:46 ` [PATCH v7 10/12] tools/libxl: use libxenhypfs for setting xen runtime parameters Juergen Gross
2020-04-02 15:46 ` [PATCH v7 11/12] tools/libxc: remove xc_set_parameters() Juergen Gross
2020-04-02 15:46 ` [PATCH v7 12/12] xen: remove XEN_SYSCTL_set_parameter support Juergen Gross

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1b83570b-17ac-9da4-cfee-fbd44c7d3edf@suse.com \
    --to=jbeulich@suse.com \
    --cc=Volodymyr_Babchuk@epam.com \
    --cc=andrew.cooper3@citrix.com \
    --cc=dgdegra@tycho.nsa.gov \
    --cc=george.dunlap@citrix.com \
    --cc=ian.jackson@eu.citrix.com \
    --cc=jgross@suse.com \
    --cc=julien@xen.org \
    --cc=roger.pau@citrix.com \
    --cc=sstabellini@kernel.org \
    --cc=wl@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).