From: Julien Grall <julien.grall@linaro.org>
To: Jan Beulich <JBeulich@suse.com>, Daniel De Graaf <dgdegra@tycho.nsa.gov>
Cc: Keir Fraser <keir@xen.org>,
ian.campbell@citrix.com, tim@xen.org,
Ian Jackson <ian.jackson@eu.citrix.com>,
stefano.stabellini@citrix.com, xen-devel@lists.xenproject.org
Subject: Re: [RFC 02/19] xen: guestcopy: Provide an helper to copy string from guest
Date: Wed, 18 Jun 2014 13:53:13 +0100 [thread overview]
Message-ID: <53A18BB9.9020302@linaro.org> (raw)
In-Reply-To: <53A1A6DE020000780001B5D6@mail.emea.novell.com>
On 06/18/2014 01:49 PM, Jan Beulich wrote:
>>>> On 18.06.14 at 14:22, <julien.grall@linaro.org> wrote:
>> On 06/18/2014 12:59 PM, Jan Beulich wrote:
>>>>>> On 18.06.14 at 00:43, <dgdegra@tycho.nsa.gov> wrote:
>>>> On 06/17/2014 05:23 AM, Julien Grall wrote:
>>>>>
>>>>>
>>>>> On 17/06/14 10:17, Jan Beulich wrote:
>>>>>>>>> On 17.06.14 at 11:09, <julien.grall@linaro.org> wrote:
>>>>>>> On 17/06/14 09:01, Jan Beulich wrote:
>>>>>>>>>>> On 16.06.14 at 18:17, <julien.grall@linaro.org> wrote:
>>>>>>>>> +
>>>>>>>>> + /* Add an extra +1 to append \0. We can't assume the guest will
>>>>>>>>> + * provide a valid string */
>>>>>>>>
>>>>>>>> Now this is the case for flask, but for a generic string copying
>>>>>>>> routine I don't think this is desirable. It seems especially wrong to
>>>>>>>> aid the guest with putting a NUL where none was. If you really
>>>>>>>> want this, I guess you would be better off adding two variants:
>>>>>>>> One which demands the string to be NUL-terminated (in which
>>>>>>>> case passing in a size is sort of bogus), and one which takes a
>>>>>>>> size and inserts a NUL.
>>>>
>>>> I'm not sure why you would want a string copy-in function to not
>>>> NUL-terminate the strings it copies in. If you don't want the strings
>>>> to be NUL-terminated at all, I would call it buffer copy-in function
>>>> (and copy_from_guest seems to cover buffer copy-in better). If you want
>>>> the strings to be NUL-terminated and the guest has passed you a length,
>>>> it's simpler to have the hypervisor add the NUL instead of copying it
>>>> and then checking that it is there. The current toolstack code for
>>>> XSM/FLASK relies on the hypervisor to add the NUL terminator, since it
>>>> often passes in (s, strlen(s)).
>>>
>>> I didn't say to just leave such strings unterminated. Instead I said
>>> that if there is no zero terminator, rather than putting one there we
>>> should just fail the operation if the buffer size limit was exceeded.
>>
>> It looks like I use the same trick as for flask, i.e using strlen(s) and
>> therefore let the hypervisor set the NUL-terminator.
>>
>> I will add a comment on this function to say that we expect the
>> hypervisor to set the NUL-terminator.
>
> But just to make sure - the generic helper introduced there shouldn't
> behave that way if being given the proposed name.
How will you rename the function?
--
Julien Grall
next prev parent reply other threads:[~2014-06-18 12:53 UTC|newest]
Thread overview: 122+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-06-16 16:17 [RFC 00/19] xe/arm: Add support for non-pci passthrough Julien Grall
2014-06-16 16:17 ` [RFC 01/19] xen/arm: guest_physmap_remove_page: Print a warning if we fail to unmap the page Julien Grall
2014-06-18 15:03 ` Stefano Stabellini
2014-07-03 10:52 ` Ian Campbell
2014-07-03 11:17 ` Julien Grall
2014-06-16 16:17 ` [RFC 02/19] xen: guestcopy: Provide an helper to copy string from guest Julien Grall
2014-06-17 8:01 ` Jan Beulich
2014-06-17 9:09 ` Julien Grall
2014-06-17 9:17 ` Jan Beulich
2014-06-17 9:23 ` Julien Grall
2014-06-17 22:43 ` Daniel De Graaf
2014-06-18 11:59 ` Jan Beulich
2014-06-18 12:22 ` Julien Grall
2014-06-18 12:49 ` Jan Beulich
2014-06-18 12:53 ` Julien Grall [this message]
2014-06-18 13:01 ` Jan Beulich
2014-06-24 14:58 ` Julien Grall
2014-06-16 16:17 ` [RFC 03/19] xen/arm: follow-up to allow DOM0 manage IRQ and MMIO Julien Grall
2014-06-18 20:21 ` Stefano Stabellini
2014-06-18 20:32 ` Julien Grall
2014-07-03 11:02 ` Ian Campbell
2014-07-03 11:23 ` Julien Grall
2014-07-03 12:12 ` Ian Campbell
2014-06-16 16:17 ` [RFC 04/19] xen/arm: route_irq_to_guest: Check validity of the IRQ Julien Grall
2014-06-18 18:52 ` Stefano Stabellini
2014-06-18 19:03 ` Julien Grall
2014-07-03 11:04 ` Ian Campbell
2014-07-03 11:47 ` Julien Grall
2014-06-16 16:17 ` [RFC 05/19] xen/arm: Release IRQ routed to a domain when it's destroying Julien Grall
2014-06-18 18:08 ` Stefano Stabellini
2014-06-18 18:26 ` Julien Grall
2014-06-18 18:48 ` Stefano Stabellini
2014-06-18 18:54 ` Julien Grall
2014-06-18 19:06 ` Stefano Stabellini
2014-06-18 19:09 ` Julien Grall
2014-06-16 16:17 ` [RFC 06/19] xen/arm: Implement hypercall PHYSDEVOP_map_pirq Julien Grall
2014-06-18 19:24 ` Stefano Stabellini
2014-06-19 11:39 ` Julien Grall
2014-06-19 12:29 ` Stefano Stabellini
2014-07-03 11:27 ` Ian Campbell
2014-07-03 12:02 ` Julien Grall
2014-07-03 12:53 ` Ian Campbell
2014-07-15 13:01 ` Julien Grall
2014-07-15 13:03 ` Ian Campbell
2014-08-18 19:20 ` Andrii Tseglytskyi
2014-08-18 21:55 ` Julien Grall
2014-08-19 9:11 ` Andrii Tseglytskyi
2014-08-19 14:24 ` Julien Grall
2014-06-16 16:17 ` [RFC 07/19] xen/dts: Use unsigned int for MMIO and IRQ index Julien Grall
2014-06-18 18:54 ` Stefano Stabellini
2014-06-19 11:42 ` Julien Grall
2014-06-16 16:17 ` [RFC 08/19] xen/dts: Provide an helper to get a DT node from a path provided by a guest Julien Grall
2014-07-03 11:30 ` Ian Campbell
2014-07-03 11:49 ` Julien Grall
2014-07-03 12:13 ` Ian Campbell
2014-07-03 12:22 ` Julien Grall
2014-06-16 16:17 ` [RFC 09/19] xen/dts: Add hypercalls to retrieve device node information Julien Grall
2014-06-18 19:38 ` Stefano Stabellini
2014-06-19 11:58 ` Julien Grall
2014-06-19 12:21 ` Stefano Stabellini
2014-06-19 12:25 ` Julien Grall
2014-07-03 11:40 ` Ian Campbell
2014-06-24 8:46 ` Christoffer Dall
2014-07-03 11:34 ` Ian Campbell
2014-07-03 11:33 ` Ian Campbell
2014-07-03 11:51 ` Julien Grall
2014-07-03 12:13 ` Ian Campbell
2014-06-16 16:17 ` [RFC 10/19] xen/passthrough: Introduce iommu_buildup Julien Grall
2014-07-03 11:45 ` Ian Campbell
2014-07-03 11:55 ` Julien Grall
2014-06-16 16:17 ` [RFC 11/19] xen/passthrough: Call arch_iommu_domain_destroy before calling iommu_teardown Julien Grall
2014-06-17 8:07 ` Jan Beulich
2014-06-17 9:18 ` Julien Grall
2014-06-17 9:29 ` Jan Beulich
2014-06-17 12:38 ` Julien Grall
2014-06-17 13:04 ` Jan Beulich
2014-06-18 12:24 ` Julien Grall
2014-06-18 12:50 ` Jan Beulich
2014-06-16 16:17 ` [RFC 12/19] xen/passthrough: iommu_deassign_device_dt: By default reassign device to nobody Julien Grall
2014-06-18 19:28 ` Stefano Stabellini
2014-07-03 11:48 ` Ian Campbell
2014-07-03 12:07 ` Julien Grall
2014-07-03 12:53 ` Ian Campbell
2014-07-03 13:01 ` Julien Grall
2014-07-03 13:42 ` Ian Campbell
2014-07-03 13:51 ` Julien Grall
2014-07-03 14:04 ` Ian Campbell
2014-07-03 14:09 ` Julien Grall
2014-06-16 16:18 ` [RFC 13/19] xen/iommu: arm: Wire iommu DOMCTL for ARM Julien Grall
2014-06-17 8:24 ` Jan Beulich
2014-06-17 13:05 ` Julien Grall
2014-06-16 16:18 ` [RFC 14/19] xen/passthrough: dt: Add new domctl XEN_DOMCTL_assign_dt_device Julien Grall
2014-06-17 8:34 ` Jan Beulich
2014-06-17 13:23 ` Julien Grall
2014-06-17 13:30 ` Jan Beulich
2014-06-17 13:48 ` Julien Grall
2014-06-17 13:55 ` Jan Beulich
2014-07-03 11:54 ` Ian Campbell
2014-06-16 16:18 ` [RFC 15/19] xen/arm: Reserve region in guest memory for device passthrough Julien Grall
2014-06-18 15:12 ` Stefano Stabellini
2014-06-18 15:23 ` Julien Grall
2014-06-18 15:26 ` Ian Campbell
2014-06-18 17:48 ` Stefano Stabellini
2014-06-18 17:54 ` Julien Grall
2014-06-18 18:14 ` Stefano Stabellini
2014-06-18 18:33 ` Julien Grall
2014-06-18 18:55 ` Stefano Stabellini
2014-07-03 11:56 ` Ian Campbell
2014-06-16 16:18 ` [RFC 16/19] libxl/arm: Introduce DT_IRQ_TYPE_* Julien Grall
2014-07-03 11:56 ` Ian Campbell
2014-06-16 16:18 ` [RFC 17/19] libxl/arm: Rename set_interrupt_ppi to set_interrupt and handle SPIs Julien Grall
2014-07-03 11:58 ` Ian Campbell
2014-07-03 12:04 ` Julien Grall
2014-07-03 14:04 ` Ian Campbell
2014-06-16 16:18 ` [RFC 18/19] libxl: Add support for non-PCI passthrough Julien Grall
2014-06-16 17:19 ` Wei Liu
2014-06-18 12:26 ` Julien Grall
2014-06-16 16:18 ` [RFC 19/19] xl: Add new option dtdev Julien Grall
2014-06-16 17:19 ` Wei Liu
2014-06-18 13:40 ` Julien Grall
2014-06-18 13:43 ` Wei Liu
2014-06-18 13:46 ` Julien Grall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53A18BB9.9020302@linaro.org \
--to=julien.grall@linaro.org \
--cc=JBeulich@suse.com \
--cc=dgdegra@tycho.nsa.gov \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=keir@xen.org \
--cc=stefano.stabellini@citrix.com \
--cc=tim@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.