[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery

To: "Christopher Clark" <christopher.w.clark@xxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Tue, 22 Jan 2019 04:08:05 -0700
Cc: Tim Deegan <tim@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, ross.philipson@xxxxxxxxx, Jason Andryuk <jandryuk@xxxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Rich Persaud <persaur@xxxxxxxxx>, James McKenzie <james@xxxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, Paul Durrant <paul.durrant@xxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, eric chanudet <eric.chanudet@xxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>
Delivery-date: Tue, 22 Jan 2019 11:08:16 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 21.01.19 at 13:03, <JBeulich@xxxxxxxx> wrote:
>>>> On 20.01.19 at 22:18, <christopher.w.clark@xxxxxxxxx> wrote:
>> The "no repeated checks" problem also occurs when another separate
>> struct contains a field of a type that has already been checked:
>> whichever CHECK is performed second will break.
>> 
>> eg.
>> typedef struct xen_argo_ring_data_ent
>> {
>>     struct xen_argo_addr ring;
>>     uint16_t flags;
>>     uint16_t pad;
>>     uint32_t space_required;
>>     uint32_t max_message_size;
>> } xen_argo_ring_data_ent_t;
>> 
>> also has a field of type xen_argo_addr, which produces CHECK_argo_addr,
>> which then fails because that was already tested in
>> CHECK_argo_send_addr.
> 
> Hmm, I think the mcinfo example above contradicts this, because
> struct mcinfo_common is used by multiple other structures.

Due to

CHECK_mcinfo_common;
# undef xen_mcinfo_common
# undef CHECK_mcinfo_common
# define CHECK_mcinfo_common         struct mcinfo_common

which I think would be easy enough to use in your case as well
(until we could perhaps get around and address the underlying
issue, albeit it's not really clear to me how that should be done).

Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
  - From: Christopher Clark

References:
- [Xen-devel] [PATCH v3 00/15] Argo: hypervisor-mediated interdomain communication
  - From: Christopher Clark
- [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
  - From: Christopher Clark
- Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
  - From: Christopher Clark
- Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
  - From: Christopher Clark
- Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH v5 08/15] argo: implement the unregister op
Next by Date: Re: [Xen-devel] [PATCH v2 1/2] docs: Fix all links to Xen man pages in html
Previous by thread: Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
Next by thread: Re: [Xen-devel] [PATCH v3 15/15] argo: validate hypercall arg structures via compat machinery
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.