Re: [RFC PATCH v4 2/3] vfio: platform: access device property as a list of strings

Wed, 09 Sep 2015 23:37:46 -0700 

On Wed, Sep 9, 2015 at 10:48 PM, Alex Williamson <[email protected]
> wrote:

> On Wed, 2015-09-09 at 11:17 +0200, Baptiste Reynal wrote:
> > From: Antonios Motakis <[email protected]>
> >
> > Certain device properties (e.g. the device node name, the compatible
> > string), are available as a list of strings (separated by the null
> > terminating character). Let the VFIO user query this type of properties.
> >
> > Signed-off-by: Antonios Motakis <[email protected]>
> > Signed-off-by: Baptiste Reynal <[email protected]>
> >
> > ---
> > v3 -> v4:
> >  - The list length is computed before strings copy. If the entire list
> >    doesn't fit, no strings are copied to the user.
> > ---
> >  drivers/vfio/platform/properties.c | 43
> +++++++++++++++++++++++++++++++++++++-
> >  1 file changed, 42 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/vfio/platform/properties.c
> b/drivers/vfio/platform/properties.c
> > index 98754c2..8bf9c8f 100644
> > --- a/drivers/vfio/platform/properties.c
> > +++ b/drivers/vfio/platform/properties.c
> > @@ -22,7 +22,48 @@ static int dev_property_get_strings(struct device
> *dev, uint32_t *flags,
> >                                   char *name, unsigned *lenp,
> >                                   void __user *datap, unsigned long
> datasz)
> >  {
> > -     return -EINVAL;
> > +     const char **val;
> > +     int n, i, ret;
> > +
> > +     if (lenp == NULL)
> > +             return -EFAULT;
>
> Paranoia?
>

Kind of, automatic reflex.


>
> > +
> > +     *lenp = 0;
> > +
> > +     n = device_property_read_string_array(dev, name, NULL, 0);
> > +     if (n < 0)
> > +             return n;
> > +
> > +     val = kcalloc(n, sizeof(char *), GFP_KERNEL);
> > +     if (!val)
> > +             return -ENOMEM;
> > +
> > +     ret = device_property_read_string_array(dev, name, val, n);
> > +     if (ret < 0)
> > +             goto out;
> > +
> > +     for (i = 0; i < n; i++)
> > +             *lenp += strlen(val[i]) + 1;
> > +
> > +     if (datasz < *lenp) {
> > +             ret = -E2BIG;
> > +             goto out;
> > +     }
> > +
> > +     for (i = 0; i < n; i++) {
> > +             size_t len = strlen(val[i]) + 1;
> > +
> > +             if (copy_to_user(datap, val[i], strlen(val[i]) + 1)) {
>
> No need to call strlen() again here
>

Thanks, will be fixed.


>
> > +                     ret = -EFAULT;
> > +                     goto out;
> > +             }
> > +
> > +             datap += len;
> > +     }
> > +
> > +out:
> > +     kfree(val);
> > +     return ret;
> >  }
> >
> >  static int dev_property_get_uint(struct device *dev, uint32_t *flags,
>
>
>
>

_______________________________________________
iommu mailing list
[email protected]
https://lists.linuxfoundation.org/mailman/listinfo/iommu

Reply via email to