[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] guestcopy: evaluate {,__}copy{,_field}_to_guest*() arguments just once
Hi,
On 01/04/2020 15:29, Jan Beulich wrote:
There's nothing wrong with having e.g.
copy_to_guest(uarg, ptr++, 1);
yet until now this would increment "ptr" twice.
Is there such use in Xen today? I guess not as we would have noticed any
issue.
Also drop a pair of unneeded parentheses from every instance at this
occasion.
Fixes: b7954cc59831 ("Enhance guest memory accessor macros so that source operands
can be")
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
Arm side untested so far, as I don't have all the tool chain pieces
available at home.
I will have a look.
---
This goes on top of the assumed v2 of Julien's "xen/guest_access: Harden
copy_to_guest_offset to prevent const dest operand".
--- a/xen/include/asm-arm/guest_access.h
+++ b/xen/include/asm-arm/guest_access.h
@@ -79,7 +79,7 @@ int access_guest_memory_by_ipa(struct do
const typeof(*(ptr)) *_s = (ptr); \
char (*_d)[sizeof(*_s)] = (void *)(hnd).p; \
void *__maybe_unused _t = (hnd).p; \
- ((void)((hnd).p == (ptr))); \
+ (void)((hnd).p == _s); \
May I ask why this is a problem with 'ptr' but not 'hnd'? Wouldn't it
theorically possible to have an array of handle?
Cheers,
--
Julien Grall
|
