From: Demi Marie Obenour <demi@invisiblethingslab.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: "Roger Pau Monné" <roger.pau@citrix.com>,
"Jens Axboe" <axboe@kernel.dk>,
"Marek Marczykowski-Górecki" <marmarek@invisiblethingslab.com>,
xen-devel@lists.xenproject.org, linux-block@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] xen-blkback: Implement diskseq checks
Date: Wed, 7 Jun 2023 12:00:29 -0400 [thread overview]
Message-ID: <ZICpodHAGv8qRw5A@itl-email> (raw)
In-Reply-To: <ZIA1VkDdgt5kmqEt@infradead.org>
[-- Attachment #1: Type: text/plain, Size: 2067 bytes --]
On Wed, Jun 07, 2023 at 12:44:22AM -0700, Christoph Hellwig wrote:
> On Thu, Jun 01, 2023 at 05:48:22PM -0400, Demi Marie Obenour wrote:
> > + if (diskseq) {
> > + struct gendisk *disk = bdev->bd_disk;
> > +
> > + if (unlikely(disk == NULL)) {
> > + pr_err("%s: device %08x has no gendisk\n",
> > + __func__, vbd->pdevice);
> > + xen_vbd_free(vbd);
> > + return -EFAULT;
> > + }
>
> bdev->bd_disk is never NULL.
Fixed in v3.
> > + diskseq_str = xenbus_read(XBT_NIL, dev->nodename, "diskseq", &diskseq_len);
>
> Please avoid the overly long line.
Fixed in v3.
> > + if (IS_ERR(diskseq_str)) {
> > + int err = PTR_ERR(diskseq_str);
> > + diskseq_str = NULL;
> > +
> > + /*
> > + * If this does not exist, it means legacy userspace that does not
>
> .. even more so in comments.
Fixed in v3.
> > + * support diskseq.
> > + */
> > + if (unlikely(!XENBUS_EXIST_ERR(err))) {
> > + xenbus_dev_fatal(dev, err, "reading diskseq");
> > + return;
> > + }
> > + diskseq = 0;
> > + } else if (diskseq_len <= 0) {
> > + xenbus_dev_fatal(dev, -EFAULT, "diskseq must not be empty");
> > + goto fail;
> > + } else if (diskseq_len > 16) {
>
> No need for a else after a return.
Fixed in v3.
> > + xenbus_dev_fatal(dev, -ERANGE, "diskseq too long: got %d but limit is 16",
> > + diskseq_len);
> > + goto fail;
> > + } else if (diskseq_str[0] == '0') {
> > + xenbus_dev_fatal(dev, -ERANGE, "diskseq must not start with '0'");
> > + goto fail;
> > + } else {
> > + char *diskseq_end;
> > + diskseq = simple_strtoull(diskseq_str, &diskseq_end, 16);
> > + if (diskseq_end != diskseq_str + diskseq_len) {
> > + xenbus_dev_fatal(dev, -EINVAL, "invalid diskseq");
> > + goto fail;
> > + }
> > + kfree(diskseq_str);
> > + diskseq_str = NULL;
> > + }
>
> And I suspect the code will be a lot easier to follow if you move
> the diskseq validation into a separate helper.
Fixed in v3.
--
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2023-06-07 16:00 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-01 21:48 [PATCH 0/2] xen/blkback: support delete-on-close block devices Demi Marie Obenour
2023-06-01 21:48 ` [PATCH 1/2] xen-blkback: Implement diskseq checks Demi Marie Obenour
2023-06-07 7:44 ` Christoph Hellwig
2023-06-07 16:00 ` Demi Marie Obenour [this message]
2023-06-01 21:48 ` [PATCH 2/2] xen-blkback: Inform userspace that device has been opened Demi Marie Obenour
2023-06-07 7:46 ` Christoph Hellwig
2023-06-07 16:01 ` Demi Marie Obenour
2023-06-06 9:31 ` [PATCH 0/2] xen/blkback: support delete-on-close block devices Roger Pau Monné
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZICpodHAGv8qRw5A@itl-email \
--to=demi@invisiblethingslab.com \
--cc=axboe@kernel.dk \
--cc=hch@infradead.org \
--cc=linux-block@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=marmarek@invisiblethingslab.com \
--cc=roger.pau@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.