* [Qemu-devel] [PATCH v2 0/4] virtio-serial: Trivial fixes, don't copy buffers to host
From: Amit Shah @ 2010-12-10 15:25 UTC (permalink / raw)
To: qemu list; +Cc: Amit Shah, Paul Brook
Hi,
This patch series converts virtio-serial-bus to use the guest buffers
instead of copying over guest data to the host, as suggested by Paul.
In addition, there are some trivial fixes for the virtio-console and
virtio-serial code.
v2:
- drop the erroring out patch till we decide what's to be done
- remove goto usage.
Amit Shah (4):
virtio-console: Factor out common init between console and generic
ports
virtio-console: Remove unnecessary braces
virtio-serial: Simplify condition for a while loop
virtio-serial: Don't copy over guest buffer to host
hw/virtio-console.c | 34 +++++++++++++++-------------------
hw/virtio-serial-bus.c | 21 ++++++++++++---------
2 files changed, 27 insertions(+), 28 deletions(-)
--
1.7.3.2
* [Qemu-devel] [PATCH v2 1/4] virtio-console: Factor out common init between console and generic ports
From: Amit Shah @ 2010-12-10 15:25 UTC (permalink / raw)
To: qemu list; +Cc: Amit Shah, Paul Brook
The initialisation for generic ports and console ports is similar.
Factor out the parts that are the same into a separate function that can
be called from each of the initfns.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
---
hw/virtio-console.c | 31 ++++++++++++++-----------------
1 files changed, 14 insertions(+), 17 deletions(-)
diff --git a/hw/virtio-console.c b/hw/virtio-console.c
index caea11f..d7fe68b 100644
--- a/hw/virtio-console.c
+++ b/hw/virtio-console.c
@@ -58,24 +58,28 @@ static void chr_event(void *opaque, int event)
}
}
-/* Virtio Console Ports */
-static int virtconsole_initfn(VirtIOSerialDevice *dev)
+static int generic_port_init(VirtConsole *vcon, VirtIOSerialDevice *dev)
{
- VirtIOSerialPort *port = DO_UPCAST(VirtIOSerialPort, dev, &dev->qdev);
- VirtConsole *vcon = DO_UPCAST(VirtConsole, port, port);
-
- port->info = dev->info;
-
- port->is_console = true;
+ vcon->port.info = dev->info;
if (vcon->chr) {
qemu_chr_add_handlers(vcon->chr, chr_can_read, chr_read, chr_event,
vcon);
- port->info->have_data = flush_buf;
+ vcon->port.info->have_data = flush_buf;
}
return 0;
}
+/* Virtio Console Ports */
+static int virtconsole_initfn(VirtIOSerialDevice *dev)
+{
+ VirtIOSerialPort *port = DO_UPCAST(VirtIOSerialPort, dev, &dev->qdev);
+ VirtConsole *vcon = DO_UPCAST(VirtConsole, port, port);
+
+ port->is_console = true;
+ return generic_port_init(vcon, dev);
+}
+
static int virtconsole_exitfn(VirtIOSerialDevice *dev)
{
VirtIOSerialPort *port = DO_UPCAST(VirtIOSerialPort, dev, &dev->qdev);
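Review bot: `generic_port_init()` has no comment saying what it does, and its assignment `vcon->port.info->have_data = flush_buf;` writes through the pointer just copied from `dev->info` rather than into a per-port field. If `dev->info` points at the per-type structure (the `static VirtIOSerialPortInfo virtserialport_info` visible at the end of the next hunk suggests it does), the callback is installed for every port of that type as soon as one port has a chardev, so a port with `vcon->chr == NULL` could still have `flush_buf` invoked; whether `flush_buf` tolerates that is not visible here. I would add `/* Init shared by console and generic ports; have_data is set on the info struct dev->info points to, not per port */` above the function so the sharing is explicit. `virtconsole_exitfn`'s body continues outside the hunk.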
@@ -115,14 +119,7 @@ static int virtserialport_initfn(VirtIOSerialDevice *dev)
VirtIOSerialPort *port = DO_UPCAST(VirtIOSerialPort, dev, &dev->qdev);
VirtConsole *vcon = DO_UPCAST(VirtConsole, port, port);
- port->info = dev->info;
-
- if (vcon->chr) {
- qemu_chr_add_handlers(vcon->chr, chr_can_read, chr_read, chr_event,
- vcon);
- port->info->have_data = flush_buf;
- }
- return 0;
+ return generic_port_init(vcon, dev);
}
static VirtIOSerialPortInfo virtserialport_info = {
--
1.7.3.2
* [Qemu-devel] [PATCH v2 2/4] virtio-console: Remove unnecessary braces
From: Amit Shah @ 2010-12-10 15:25 UTC (permalink / raw)
To: qemu list; +Cc: Amit Shah, Paul Brook
Remove unnecessary braces around a case statement.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
---
hw/virtio-console.c | 3 +--
1 files changed, 1 insertions(+), 2 deletions(-)
diff --git a/hw/virtio-console.c b/hw/virtio-console.c
index d7fe68b..d0b9354 100644
--- a/hw/virtio-console.c
+++ b/hw/virtio-console.c
@@ -48,10 +48,9 @@ static void chr_event(void *opaque, int event)
VirtConsole *vcon = opaque;
switch (event) {
- case CHR_EVENT_OPENED: {
+ case CHR_EVENT_OPENED:
virtio_serial_open(&vcon->port);
break;
- }
case CHR_EVENT_CLOSED:
virtio_serial_close(&vcon->port);
break;
--
1.7.3.2
* [Qemu-devel] [PATCH v2 3/4] virtio-serial: Simplify condition for a while loop
From: Amit Shah @ 2010-12-10 15:25 UTC (permalink / raw)
To: qemu list; +Cc: Amit Shah, Paul Brook
Move a condition that does not change for the duration of the loop into
an if statement before the loop. This will be used later to re-work the
loop.
Signed-off-by: Amit Shah <amit.shah@redhat.com>
---
hw/virtio-serial-bus.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
index 74ba5ec..ecf0056 100644
--- a/hw/virtio-serial-bus.c
+++ b/hw/virtio-serial-bus.c
@@ -121,7 +121,10 @@ static void do_flush_queued_data(VirtIOSerialPort *port, VirtQueue *vq,
assert(port || discard);
assert(virtio_queue_ready(vq));
- while ((discard || !port->throttled) && virtqueue_pop(vq, &elem)) {
+ if (!discard && port->throttled) {
+ return;
+ }
+ while (virtqueue_pop(vq, &elem)) {
uint8_t *buf;
size_t ret, buf_size;
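Review bot: Hoisting the throttle test out of the `while` is only equivalent if `port->throttled` cannot change while the loop runs, and nothing in the hunk establishes that; the old condition re-read it before every `virtqueue_pop()`. If a `have_data` callback (invoked later in the loop body, outside this hunk) can throttle the port, the new loop keeps popping guest buffers and delivering them to a consumer that has asked to stop. Either state the invariant next to the new check, e.g. `/* have_data never changes port->throttled, so one check suffices */`, or re-test after each element has been pushed back with `if (!discard && port->throttled) { break; }`. The function begins before the hunk and the loop body continues past it.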
--
1.7.3.2
* [Qemu-devel] [PATCH v2 4/4] virtio-serial: Don't copy over guest buffer to host
From: Amit Shah @ 2010-12-10 15:25 UTC (permalink / raw)
To: qemu list; +Cc: Amit Shah, Paul Brook
When the guest wrote something to the host, we first copied the entire
buffer into the host and then processed it. Do away with that: it
could let a malicious guest cause a DoS on the host.
Reported-by: Paul Brook <paul@codesourcery.com>
Signed-off-by: Amit Shah <amit.shah@redhat.com>
---
hw/virtio-serial-bus.c | 16 ++++++++--------
1 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
index ecf0056..a0886a2 100644
--- a/hw/virtio-serial-bus.c
+++ b/hw/virtio-serial-bus.c
@@ -125,16 +125,16 @@ static void do_flush_queued_data(VirtIOSerialPort *port, VirtQueue *vq,
return;
}
while (virtqueue_pop(vq, &elem)) {
- uint8_t *buf;
- size_t ret, buf_size;
+ unsigned int i;
- if (!discard) {
- buf_size = iov_size(elem.out_sg, elem.out_num);
- buf = qemu_malloc(buf_size);
- ret = iov_to_buf(elem.out_sg, elem.out_num, buf, 0, buf_size);
+ for (i = 0; !discard && i < elem.out_num; i++) {
+ size_t buf_size;
- port->info->have_data(port, buf, ret);
- qemu_free(buf);
+ buf_size = elem.out_sg[i].iov_len;
+
+ port->info->have_data(port,
+ elem.out_sg[i].iov_base,
+ buf_size);
}
virtqueue_push(vq, &elem, 0);
}
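Review bot: `have_data` is now handed `elem.out_sg[i].iov_base` directly, so as far as the hunk shows the callback reads the guest's own buffer until `virtqueue_push()` returns it; the removed private copy, whatever its cost, gave the consumer a stable snapshot. A callback that checks a length or field and then reads it again may see a different value the second time, and one guest write can now arrive as `elem.out_num` separate calls instead of one contiguous buffer. Neither constraint is written down in the new code; I would add a comment above the inner loop such as `/* buf is guest memory: contents may change during the call, and it may be only one fragment of a write */`. Minor style point: `!discard` is loop-invariant and would read more clearly as an `if (!discard)` around the `for`. The enclosing function starts and ends outside the hunk.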
--
1.7.3.2