Xen project Mailing List

Re: [Xen-devel] Xen Security Advisory 206 - xenstore denial of service via repeated update

To: Michael Young <m.a.young@xxxxxxxxxxxx>

From: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>

Date: Fri, 31 Mar 2017 18:00:44 +0100

Cc: xen-users@xxxxxxxxxxxxx, xen-devel@xxxxxxxxxxxxx, "Xen.org security team" <security@xxxxxxx>

Delivery-date: Fri, 31 Mar 2017 17:00:56 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

(dropping some of the lists) Michael Young writes ("Re: [Xen-devel] Xen Security Advisory 206 - xenstore denial of service via repeated update"): > On Wed, 29 Mar 2017, Xen.org security team wrote: > > Xen Security Advisory XSA-206 > > version 9 > > xenstore denial of service via repeated update > > I am seeing a build failure from these patches when using gcc 7. The > problem is with > xsa206-4.80002-xenstored-Log-when-the-write-transaction-rate-limit-.patch > because in tools/xenstore/xenstored_domain.c the patch adds the boolean > wrl_delay_logged to the structure "domain" but later it tries to increment > it, resulting in the error > xenstored_domain.c: In function 'wrl_apply_debit_actual': > xenstored_domain.c:949:32: error: increment of a boolean expression > [-Werror=bool-operation] > if (!domain->wrl_delay_logged++) { I think this warning is wrong. 1. Increment of a boolean expression is perfectly well-defined: With `_Bool b;', `b++' is equivalent to `b += 1' (C99 6.5.3.1(2)) That in turn is equivalent to `b = b + 1' (except that the lvalue b is evaluated only once) (C99 6.5.16.2(3)) The expression b + 1 is of type int (because 1 is of type int and b gets promoted to int by the usual arithmetic conversions (6.3.1.8, 6.3.1.1) since _Bool is the lowest ranked type. So the expression has value 1 or 2. The constraints for the assignment (6.5.16.1) are satisfied because both operands are arithmetic. The right operand is converted to the type of the left (6.5.16.1(2)). Ie we convert (int)1 or (int)2 to _Bool. This is defined to be a zero-test (6.3.1.2) so the assigned value is 1. 2. Increment of a boolean expression feels more idiomatic to me, certainly in this case, than plain assignment of 1. (It is also more flexible in case the code should be changed to count rather than simply flag.) It's a shame that we can't disable the warning about incrementing or decrementing booleans, from other possible useful warnings such as attempts to bitwise-invert them. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.