From: Juan Quintela <quintela@redhat.com>
To: Amit Shah <amit.shah@redhat.com>
Cc: Avi Kivity <avi@redhat.com>, Gerd Hoffmann <kraxel@redhat.com>,
qemu list <qemu-devel@nongnu.org>,
"Michael S. Tsirkin" <mst@redhat.com>
Subject: [Qemu-devel] Re: [PATCH 14/15] virtio-serial: Handle scatter-gather buffers for control messages
Date: Tue, 30 Mar 2010 15:44:21 +0200
Message-ID: <m3d3yllya2.fsf@trasno.mitica>
In-Reply-To: <1269442173-18421-15-git-send-email-amit.shah@redhat.com> (Amit Shah's message of "Wed, 24 Mar 2010 20:19:32 +0530")
Amit Shah <amit.shah@redhat.com> wrote:
> Current control messages are small enough to not be split into multiple
> buffers but we could run into such a situation in the future or a
> malicious guest could cause such a situation.
>
> So handle the entire iov request for control messages.
>
> Also ensure the size of the control request is >= what we expect
> otherwise we risk accessing memory that we don't own.
>
> Signed-off-by: Amit Shah <amit.shah@redhat.com>
> CC: Avi Kivity <avi@redhat.com>
> Reported-by: Avi Kivity <avi@redhat.com>
> ---
> hw/virtio-serial-bus.c | 34 +++++++++++++++++++++++++++++++---
> 1 files changed, 31 insertions(+), 3 deletions(-)
>
> diff --git a/hw/virtio-serial-bus.c b/hw/virtio-serial-bus.c
> index bd1223e..3edfeca 100644
> vser = DO_UPCAST(VirtIOSerial, vdev, vdev);
>
> + len = 0;
> + buf = NULL;
> while (virtqueue_pop(vq, &elem)) {
> - handle_control_message(vser, elem.out_sg[0].iov_base);
> - virtqueue_push(vq, &elem, elem.out_sg[0].iov_len);
> + size_t cur_len, copied;
> +
> + cur_len = iov_size(elem.out_sg, elem.out_num);
> + /*
> + * Allocate a new buf only if we didn't have one previously or
> + * if the size of the buf differs
> + */
> + if (cur_len != len) {
> + if (len) {
> + qemu_free(buf);
> + }
> + buf = qemu_malloc(cur_len);
> + len = cur_len;
> + }
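
Review bot: In the allocation branch, cur_len comes from iov_size(elem.out_sg, elem.out_num), which the guest controls, and is passed to qemu_malloc(cur_len) with no upper bound and no minimum-size check in the quoted lines. The commit message promises a check that the request is >= the expected size; that check belongs right after cur_len is computed, before buf is interpreted as a control message, and a cap on cur_len would keep a guest from choosing the size of host allocations. With `cur_len != len`, a zero-length element arriving after a non-zero one also frees buf and calls qemu_malloc(0); rejecting elements shorter than the control header before this branch avoids that path.
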
This can be simplified to only allocate the buffer if it is less, no?

        if (cur_len > len) {
            if (len) {
                qemu_free(buf);
            }
            buf = qemu_malloc(cur_len);
            len = cur_len;
        }

This way we can eliminate allocations, no?

Later, Juan.