Re: [Xen-devel] [PATCH v8 for-4.9 2/5] hvm/dmop: Make copy_buf_{from, to}_guest for a buffer not big enough an error.

Fri, 21 Apr 2017 07:10:49 -0700 

> -----Original Message-----
> From: jennifer.herb...@citrix.com [mailto:jennifer.herb...@citrix.com]
> Sent: 21 April 2017 15:06
> To: Xen-devel <xen-devel@lists.xen.org>
> Cc: Jennifer Herbert <jennifer.herb...@citrix.com>; Jennifer Herbert
> <jennifer.herb...@citrix.com>; Paul Durrant <paul.durr...@citrix.com>;
> Andrew Cooper <andrew.coop...@citrix.com>; Jan Beulich
> <jbeul...@suse.com>; Julien Grall <julien.gr...@arm.com>
> Subject: [PATCH v8 for-4.9 2/5] hvm/dmop: Make copy_buf_{from,
> to}_guest for a buffer not big enough an error.
> 
> From: Jennifer Herbert <jennifer.herb...@citrix.com>
> 
> This makes copying to or from a buf that isn't big enough an error.
> If the buffer isnt big enough, trying to carry on regardless
> can only cause trouble later on.
> 
> Signed-off-by: Jennifer Herbert <jennifer.herb...@citrix.com>

Reviewed-by: Paul Durrant <paul.durr...@citrix.com>

> --
> CC: Paul Durrant <paul.durr...@citrix.com>
> CC: Andrew Cooper <andrew.coop...@citrix.com>
> CC: Jan Beulich <jbeul...@suse.com>
> CC: Julien Grall <julien.gr...@arm.com>
> ---
> Switch buf_bytes to {dst, src}_bytes for copy_{from,to}_guest
> ---
>  xen/arch/x86/hvm/dm.c | 18 ++++++++++--------
>  1 file changed, 10 insertions(+), 8 deletions(-)
> 
> diff --git a/xen/arch/x86/hvm/dm.c b/xen/arch/x86/hvm/dm.c
> index e583e41..89186d2 100644
> --- a/xen/arch/x86/hvm/dm.c
> +++ b/xen/arch/x86/hvm/dm.c
> @@ -36,30 +36,32 @@ static bool copy_buf_from_guest(const
> xen_dm_op_buf_t bufs[],
>                                  unsigned int nr_bufs, void *dst,
>                                  unsigned int idx, size_t dst_size)
>  {
> -    size_t size;
> +    size_t buf_bytes;
> 
>      if ( idx >= nr_bufs )
>          return false;
> 
> -    memset(dst, 0, dst_size);
> -
> -    size = min_t(size_t, dst_size, bufs[idx].size);
> +    buf_bytes = bufs[idx].size;
> +    if ( dst_size > buf_bytes )
> +        return false;
> 
> -    return !copy_from_guest(dst, bufs[idx].h, size);
> +    return !copy_from_guest(dst, bufs[idx].h, dst_size);
>  }
> 
>  static bool copy_buf_to_guest(const xen_dm_op_buf_t bufs[],
>                                unsigned int nr_bufs, unsigned int idx,
>                                const void *src, size_t src_size)
>  {
> -    size_t size;
> +    size_t buf_bytes;
> 
>      if ( idx >= nr_bufs )
>          return false;
> 
> -    size = min_t(size_t, bufs[idx].size, src_size);
> +    buf_bytes = bufs[idx].size;
> +    if ( src_size > buf_bytes )
> +        return false;
> 
> -    return !copy_to_guest(bufs[idx].h, src, size);
> +    return !copy_to_guest(bufs[idx].h, src, src_size);
>  }
> 
>  static int track_dirty_vram(struct domain *d, xen_pfn_t first_pfn,
> --
> 2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

Reply via email to