[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 3/8] xen/blkfront: don't take local copy of a request from the ring page

On 17.05.21 16:01, Jan Beulich wrote:
On 13.05.2021 12:02, Juergen Gross wrote:
In order to avoid a malicious backend being able to influence the local
copy of a request build the request locally first and then copy it to
the ring page instead of doing it the other way round as today.

Signed-off-by: Juergen Gross <jgross@xxxxxxxx>

Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>
with one remark/question:

@@ -703,6 +704,7 @@ static int blkif_queue_rw_req(struct request *req,
struct blkfront_ring_info *ri
        struct blkfront_info *info = rinfo->dev_info;
        struct blkif_request *ring_req, *extra_ring_req = NULL;
+       struct blkif_request *final_ring_req, *final_extra_ring_req;

Without setting final_extra_ring_req to NULL just like is done for
extra_ring_req, ...

@@ -840,10 +845,10 @@ static int blkif_queue_rw_req(struct request *req, struct 
blkfront_ring_info *ri
        if (setup.segments)
- /* Keep a private copy so we can reissue requests when recovering. */
-       rinfo->shadow[id].req = *ring_req;
+       /* Copy request(s) to the ring page. */
+       *final_ring_req = *ring_req;
        if (unlikely(require_extra_req))
-               rinfo->shadow[extra_id].req = *extra_ring_req;
+               *final_extra_ring_req = *extra_ring_req;

... are you sure all supported compilers will recognize the
conditional use and not warn about use of a possibly uninitialized

Hmm, probably better safe than sorry. Will change it.


Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.