[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v7 6/7] tools: add example application to initialize dom0less PV drivers

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Julien Grall <julien@xxxxxxx>
Date: Sat, 14 May 2022 17:19:17 +0100
Cc: jgross@xxxxxxxx, Bertrand.Marquis@xxxxxxx, Volodymyr_Babchuk@xxxxxxxx, Luca Miccio <lucmiccio@xxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>
Delivery-date: Sat, 14 May 2022 16:19:28 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Stefano,

On 13/05/2022 22:07, Stefano Stabellini wrote:

diff --git a/tools/helpers/init-dom0less.c b/tools/helpers/init-dom0less.c
new file mode 100644
index 0000000000..3e7ad54da7
--- /dev/null
+++ b/tools/helpers/init-dom0less.c
@@ -0,0 +1,345 @@
+#include <stdbool.h>
+#include <syslog.h>
+#include <stdio.h>
+#include <err.h>
+#include <stdlib.h>
+#include <sys/mman.h>
+#include <sys/time.h>
+#include <xenstore.h>
+#include <xenctrl.h>
+#include <xenguest.h>
+#include <libxl.h>
+#include <xenevtchn.h>
+#include <xenforeignmemory.h>
+#include <xen/io/xs_wire.h>
+
+#include "init-dom-json.h"
+
+#define XENSTORE_PFN_OFFSET 1
+#define STR_MAX_LENGTH 64

Sorry, I should have spotted this earlier. Looking at the nodes below,the node control/platform-feature-multiprocessor-suspend would result to63 characters without even the domid:

42sh> echo -n'/local/domain//control/platform-feature-multiprocessor-suspend' | wc -c

62

So I think it would be wiser to bump the value to 128 here.

+static bool do_xs_write_dom(struct xs_handle *xsh, xs_transaction_t t,
+                            domid_t domid, char *path, char *val)
+{
+    char full_path[STR_MAX_LENGTH];
+    struct xs_permissions perms[2];
+
+    perms[0].id = domid;
+    perms[0].perms = XS_PERM_NONE;
+    perms[1].id = 0;
+    perms[1].perms = XS_PERM_READ;
+
+    if (snprintf(full_path, STR_MAX_LENGTH,
+                 "/local/domain/%u/%s", domid, path) < 0)

The issue I mentionned above would not have been spotted because youonly check the value is negative. From glibc version 2.1,snprintf() returns the number of character (excluding the NUL bytes) itwould have written if the buffer is big enough.

So to avoid writing a truncated node, you will want to check the returnvalue is > 0 && < (STR_MAX_LENGTH - 1).

Looking at the code below, there are a few wrong use of snprintf(). Toavoid another round (we are at v7 already), I would be OK if they aredealt after so long we bump the size of the buffer.


The rest of the code looks ok:

Acked-by: Julien Grall <jgrall@xxxxxxxxxx>

Cheers,

--
Julien Grall

Follow-Ups:
- Re: [PATCH v7 6/7] tools: add example application to initialize dom0less PV drivers
  - From: Stefano Stabellini

References:
- [PATCH v7 0/7] dom0less PV drivers
  - From: Stefano Stabellini
- [PATCH v7 6/7] tools: add example application to initialize dom0less PV drivers
  - From: Stefano Stabellini

Prev by Date: [ovmf test] 170423: regressions - FAIL
Next by Date: [qemu-mainline test] 170412: tolerable FAIL - PUSHED
Previous by thread: [PATCH v7 6/7] tools: add example application to initialize dom0less PV drivers
Next by thread: Re: [PATCH v7 6/7] tools: add example application to initialize dom0less PV drivers
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.