From: "Andreas Färber" <afaerber@suse.de>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>,
	patches@linaro.org, qemu-devel@nongnu.org,
	Anthony Liguori <anthony@codemonkey.ws>,
	Alexander Graf <agraf@suse.de>
Subject: Re: [Qemu-devel] [PATCH 0/2] object_initialize: check size of passed in memory
Date: Fri, 23 Aug 2013 16:13:24 +0200	[thread overview]
Message-ID: <52176E04.9060801@suse.de> (raw)
In-Reply-To: <1377265136-8559-1-git-send-email-peter.maydell@linaro.org>

Am 23.08.2013 15:38, schrieb Peter Maydell:
> This patchset addresses a concern that came up with Andreas' recent
> patches for using embedded objects in some of the ARM CPU devices:
> object_initialize() doesn't check that there's actually enough space
> for the type being added, so if you have:
> 
> struct MyDevice {
>    ...
>    SomeObject obj;
> };
> 
>     object_initialize(&mydev->obj, "some-object");
> 
> then there's no compile time or runtime check that SomeObject
> is really big enough for the "some-object" object -- if the
> implementation is changed later then there will be silent
> memory corruption.
> 
> These patches make object_initialize() a macro which can then
> use sizeof(*PTR) to pass the size into the implementation to
> be checked.

Based on your comment I was already preparing a patch to add an explicit
size argument - there are only 33 users in qemu.git, and it would cover
qbus_create_inplace() and other indirect users as well.

> The virtio patch is worth applying anyway -- it removes some
> pointless casts which would otherwise have caused false
> positives.

Agreed. We shouldn't cast objects before they're initialized. That
OBJECT() is a no-op today I would consider an implementation detail.

Regards,
Andreas

> 
> Disclaimer: I've eyeballed all the uses of object_initialize()
> but I haven't necessarily tested them all.
> 
> Peter Maydell (2):
>   virtio: Remove unnecessary OBJECT casts
>   qom: Make object_initialize and object_initialize_with_type check
>     size
> 
>  hw/core/qdev.c             |    2 +-
>  hw/s390x/s390-virtio-bus.c |   12 ++++++------
>  hw/s390x/virtio-ccw.c      |   14 +++++++-------
>  hw/virtio/virtio-pci.c     |   16 ++++++++--------
>  include/qom/object.h       |   36 ++++++++++++++++++++++++++++++++++--
>  qom/object.c               |    9 +++++----
>  6 files changed, 61 insertions(+), 28 deletions(-)
> 


-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
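The mechanism discussed above (a macro that captures sizeof(*PTR) of the embedded field and hands it to an implementation that compares it against the type's instance size, plus the false positive a premature OBJECT() cast would trigger) can be illustrated with a small stand-alone program. This is an added example written for this page, not QEMU's code: the TypeInfo/Object/SomeObject structures, the type table, the object_initialize_checked() function and its return codes, and the MyDevice layout are all constructed here and do not match QEMU's real definitions, which abort rather than return a status.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for a QOM-style type registry (not QEMU's own). */
typedef struct TypeInfo {
    const char *name;
    size_t instance_size;       /* bytes the type's instance actually needs */
} TypeInfo;

typedef struct Object {
    const TypeInfo *type;
} Object;

/* "some-object" as first implemented ... */
typedef struct SomeObject {
    Object parent;
    int state;
} SomeObject;

/* ... and a later, larger implementation registered under another name so
 * both can coexist in one program (constructed for the demonstration). */
typedef struct SomeObjectV2 {
    Object parent;
    int state;
    char scratch[64];
} SomeObjectV2;

static const TypeInfo type_table[] = {
    { "some-object",    sizeof(SomeObject)   },
    { "some-object-v2", sizeof(SomeObjectV2) },
};

static const TypeInfo *type_lookup(const char *name)
{
    size_t i;
    for (i = 0; i < sizeof(type_table) / sizeof(type_table[0]); i++) {
        if (strcmp(type_table[i].name, name) == 0) {
            return &type_table[i];
        }
    }
    return NULL;
}

/* Implementation with an explicit size argument (the variant Andreas
 * mentions). Returns 0 on success, -1 if the caller's storage is smaller
 * than the type's instance, -2 for an unknown type name. */
int object_initialize_checked(void *data, size_t size, const char *typename)
{
    const TypeInfo *ti = type_lookup(typename);
    if (ti == NULL) {
        return -2;
    }
    if (size < ti->instance_size) {
        fprintf(stderr, "object_initialize: %zu bytes passed for type '%s' "
                "which needs %zu\n", size, typename, ti->instance_size);
        return -1;   /* would silently corrupt memory without this check */
    }
    memset(data, 0, ti->instance_size);
    ((Object *)data)->type = ti;
    return 0;
}

/* The macro form: sizeof(*(obj)) is the declared size of whatever the caller
 * points at, so the check happens without touching each call site. */
#define object_initialize(obj, typename) \
    object_initialize_checked((obj), sizeof(*(obj)), (typename))

typedef struct MyDevice {
    int id;
    SomeObject obj;   /* embedded: exactly sizeof(SomeObject) bytes reserved */
} MyDevice;

/* Initialise the embedded field as the named type; returns the check result. */
int init_embedded(const char *typename)
{
    MyDevice dev;
    return object_initialize(&dev.obj, typename);
}

/* The "pointless cast" case: casting to Object * before initialising makes
 * sizeof(*o) == sizeof(Object), so a correctly sized field is rejected. */
int init_embedded_via_cast(void)
{
    MyDevice dev;
    Object *o = (Object *)&dev.obj;
    return object_initialize(o, "some-object");
}

int main(void)
{
    printf("same size      : %d\n", init_embedded("some-object"));     /* 0  */
    printf("type grew      : %d\n", init_embedded("some-object-v2"));  /* -1 */
    printf("cast first     : %d\n", init_embedded_via_cast());         /* -1 */
    return 0;
}
```

Running it shows the three outcomes the thread describes: the matching type initialises cleanly, a type whose instance has outgrown the embedded field is caught instead of overrunning the enclosing struct, and a call site that casts to Object * before initialising trips the same check spuriously, which is why the casts had to be removed first.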
