From: Markus Armbruster <armbru@redhat.com>
To: qemu-devel@nongnu.org
Cc: blauwirbel@gmail.com, aliguori@us.ibm.com, gleb@redhat.com
Subject: [Qemu-devel] [PATCH 7/8] fw_cfg: Use void *, size_t instead of uint8_t *, uint32_t for blobs
Date: Wed, 16 Jan 2013 14:50:28 +0100 [thread overview]
Message-ID: <1358344229-18006-8-git-send-email-armbru@redhat.com> (raw)
In-Reply-To: <1358344229-18006-1-git-send-email-armbru@redhat.com>
Many callers pass size_t, which gets silently truncated to uint32_t.
Harmless, because all practical sizes are well below 4GiB. Clean it
up anyway. Size overflow now fails assertions.
Bonus: saves a whole bunch of silly casts.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
hw/fw_cfg.c | 31 ++++++++++++++++---------------
hw/fw_cfg.h | 8 ++++----
hw/pc.c | 13 ++++++-------
trace-events | 2 +-
4 files changed, 27 insertions(+), 27 deletions(-)
diff --git a/hw/fw_cfg.c b/hw/fw_cfg.c
index 3d6dd5f..699383c 100644
--- a/hw/fw_cfg.c
+++ b/hw/fw_cfg.c
@@ -373,23 +373,23 @@ static const VMStateDescription vmstate_fw_cfg = {
}
};
-void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, uint8_t *data, uint32_t len)
+void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len)
{
int arch = !!(key & FW_CFG_ARCH_LOCAL);
key &= FW_CFG_ENTRY_MASK;
- assert(key < FW_CFG_MAX_ENTRY);
+ assert(key < FW_CFG_MAX_ENTRY && len < UINT32_MAX);
s->entries[arch][key].data = data;
- s->entries[arch][key].len = len;
+ s->entries[arch][key].len = (uint32_t)len;
}
void fw_cfg_add_string(FWCfgState *s, uint16_t key, const char *value)
{
size_t sz = strlen(value) + 1;
- return fw_cfg_add_bytes(s, key, (uint8_t *)g_memdup(value, sz), sz);
+ return fw_cfg_add_bytes(s, key, g_memdup(value, sz), sz);
}
void fw_cfg_add_i16(FWCfgState *s, uint16_t key, uint16_t value)
@@ -398,7 +398,7 @@ void fw_cfg_add_i16(FWCfgState *s, uint16_t key, uint16_t value)
copy = g_malloc(sizeof(value));
*copy = cpu_to_le16(value);
- fw_cfg_add_bytes(s, key, (uint8_t *)copy, sizeof(value));
+ fw_cfg_add_bytes(s, key, copy, sizeof(value));
}
void fw_cfg_add_i32(FWCfgState *s, uint16_t key, uint32_t value)
@@ -407,7 +407,7 @@ void fw_cfg_add_i32(FWCfgState *s, uint16_t key, uint32_t value)
copy = g_malloc(sizeof(value));
*copy = cpu_to_le32(value);
- fw_cfg_add_bytes(s, key, (uint8_t *)copy, sizeof(value));
+ fw_cfg_add_bytes(s, key, copy, sizeof(value));
}
void fw_cfg_add_i64(FWCfgState *s, uint16_t key, uint64_t value)
@@ -416,11 +416,11 @@ void fw_cfg_add_i64(FWCfgState *s, uint16_t key, uint64_t value)
copy = g_malloc(sizeof(value));
*copy = cpu_to_le64(value);
- fw_cfg_add_bytes(s, key, (uint8_t *)copy, sizeof(value));
+ fw_cfg_add_bytes(s, key, copy, sizeof(value));
}
void fw_cfg_add_callback(FWCfgState *s, uint16_t key, FWCfgCallback callback,
- void *callback_opaque, uint8_t *data, size_t len)
+ void *callback_opaque, void *data, size_t len)
{
int arch = !!(key & FW_CFG_ARCH_LOCAL);
@@ -428,23 +428,24 @@ void fw_cfg_add_callback(FWCfgState *s, uint16_t key, FWCfgCallback callback,
key &= FW_CFG_ENTRY_MASK;
- assert(key < FW_CFG_MAX_ENTRY && len <= 65535);
+ assert(key < FW_CFG_MAX_ENTRY && len <= UINT32_MAX);
s->entries[arch][key].data = data;
- s->entries[arch][key].len = len;
+ s->entries[arch][key].len = (uint32_t)len;
s->entries[arch][key].callback_opaque = callback_opaque;
s->entries[arch][key].callback = callback;
}
-void fw_cfg_add_file(FWCfgState *s, const char *filename, uint8_t *data,
- uint32_t len)
+void fw_cfg_add_file(FWCfgState *s, const char *filename,
+ void *data, size_t len)
{
int i, index;
+ size_t dsize;
if (!s->files) {
- int dsize = sizeof(uint32_t) + sizeof(FWCfgFile) * FW_CFG_FILE_SLOTS;
+ dsize = sizeof(uint32_t) + sizeof(FWCfgFile) * FW_CFG_FILE_SLOTS;
s->files = g_malloc0(dsize);
- fw_cfg_add_bytes(s, FW_CFG_FILE_DIR, (uint8_t*)s->files, dsize);
+ fw_cfg_add_bytes(s, FW_CFG_FILE_DIR, s->files, dsize);
}
index = be32_to_cpu(s->files->count);
@@ -498,7 +499,7 @@ FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port,
if (data_addr) {
sysbus_mmio_map(d, 1, data_addr);
}
- fw_cfg_add_bytes(s, FW_CFG_SIGNATURE, (uint8_t *)"QEMU", 4);
+ fw_cfg_add_bytes(s, FW_CFG_SIGNATURE, (char *)"QEMU", 4);
fw_cfg_add_bytes(s, FW_CFG_UUID, qemu_uuid, 16);
fw_cfg_add_i16(s, FW_CFG_NOGRAPHIC, (uint16_t)(display_type == DT_NOGRAPHIC));
fw_cfg_add_i16(s, FW_CFG_NB_CPUS, (uint16_t)smp_cpus);
diff --git a/hw/fw_cfg.h b/hw/fw_cfg.h
index c2c57cd..05c8df1 100644
--- a/hw/fw_cfg.h
+++ b/hw/fw_cfg.h
@@ -54,15 +54,15 @@ typedef struct FWCfgFiles {
typedef void (*FWCfgCallback)(void *opaque, uint8_t *data);
typedef struct FWCfgState FWCfgState;
-void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, uint8_t *data, uint32_t len);
+void fw_cfg_add_bytes(FWCfgState *s, uint16_t key, void *data, size_t len);
void fw_cfg_add_string(FWCfgState *s, uint16_t key, const char *value);
void fw_cfg_add_i16(FWCfgState *s, uint16_t key, uint16_t value);
void fw_cfg_add_i32(FWCfgState *s, uint16_t key, uint32_t value);
void fw_cfg_add_i64(FWCfgState *s, uint16_t key, uint64_t value);
void fw_cfg_add_callback(FWCfgState *s, uint16_t key, FWCfgCallback callback,
- void *callback_opaque, uint8_t *data, size_t len);
-void fw_cfg_add_file(FWCfgState *s, const char *filename, uint8_t *data,
- uint32_t len);
+ void *callback_opaque, void *data, size_t len);
+void fw_cfg_add_file(FWCfgState *s, const char *filename, void *data,
+ size_t len);
FWCfgState *fw_cfg_init(uint32_t ctl_port, uint32_t data_port,
hwaddr crl_addr, hwaddr data_addr);
diff --git a/hw/pc.c b/hw/pc.c
index 34cf79d..8fc69db 100644
--- a/hw/pc.c
+++ b/hw/pc.c
@@ -563,19 +563,18 @@ static void *bochs_bios_init(void)
fw_cfg_add_i32(fw_cfg, FW_CFG_ID, 1);
fw_cfg_add_i64(fw_cfg, FW_CFG_RAM_SIZE, (uint64_t)ram_size);
- fw_cfg_add_bytes(fw_cfg, FW_CFG_ACPI_TABLES, (uint8_t *)acpi_tables,
- acpi_tables_len);
+ fw_cfg_add_bytes(fw_cfg, FW_CFG_ACPI_TABLES,
+ acpi_tables, acpi_tables_len);
fw_cfg_add_i32(fw_cfg, FW_CFG_IRQ0_OVERRIDE, kvm_allows_irq0_override());
smbios_table = smbios_get_table(&smbios_len);
if (smbios_table)
fw_cfg_add_bytes(fw_cfg, FW_CFG_SMBIOS_ENTRIES,
smbios_table, smbios_len);
- fw_cfg_add_bytes(fw_cfg, FW_CFG_E820_TABLE, (uint8_t *)&e820_table,
- sizeof(e820_table));
+ fw_cfg_add_bytes(fw_cfg, FW_CFG_E820_TABLE,
+ &e820_table, sizeof(e820_table));
- fw_cfg_add_bytes(fw_cfg, FW_CFG_HPET, (uint8_t *)&hpet_cfg,
- sizeof(struct hpet_fw_config));
+ fw_cfg_add_bytes(fw_cfg, FW_CFG_HPET, &hpet_cfg, sizeof(hpet_cfg));
/* allocate memory for the NUMA channel: one (64bit) word for the number
* of nodes, one word for each VCPU->node and one word for each node to
* hold the amount of memory.
@@ -593,7 +592,7 @@ static void *bochs_bios_init(void)
for (i = 0; i < nb_numa_nodes; i++) {
numa_fw_cfg[max_cpus + 1 + i] = cpu_to_le64(node_mem[i]);
}
- fw_cfg_add_bytes(fw_cfg, FW_CFG_NUMA, (uint8_t *)numa_fw_cfg,
+ fw_cfg_add_bytes(fw_cfg, FW_CFG_NUMA, numa_fw_cfg,
(1 + max_cpus + nb_numa_nodes) * sizeof(*numa_fw_cfg));
return fw_cfg;
diff --git a/trace-events b/trace-events
index cf76a11..7de9106 100644
--- a/trace-events
+++ b/trace-events
@@ -172,7 +172,7 @@ fw_cfg_write(void *s, uint8_t value) "%p %d"
fw_cfg_select(void *s, uint16_t key, int ret) "%p key %d = %d"
fw_cfg_read(void *s, uint8_t ret) "%p = %d"
fw_cfg_add_file_dupe(void *s, char *name) "%p %s"
-fw_cfg_add_file(void *s, int index, char *name, uint32_t len) "%p #%d: %s (%d bytes)"
+fw_cfg_add_file(void *s, int index, char *name, size_t len) "%p #%d: %s (%zd bytes)"
# hw/hd-geometry.c
hd_geometry_lchs_guess(void *bs, int cyls, int heads, int secs) "bs %p LCHS %d %d %d"
--
1.7.11.7
next prev parent reply other threads:[~2013-01-16 13:50 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-16 13:50 [Qemu-devel] [PATCH 0/8] Fixes and cleanups around fw_cfg Markus Armbruster
2013-01-16 13:50 ` [Qemu-devel] [PATCH 1/8] fw_cfg: Replace debug prints by tracepoints Markus Armbruster
2013-01-16 13:50 ` [Qemu-devel] [PATCH 2/8] fw_cfg: Dumb down fw_cfg_add_*() not to return success / failure Markus Armbruster
2013-01-16 13:50 ` [Qemu-devel] [PATCH 3/8] fw_cfg: New fw_cfg_add_string() Markus Armbruster
2013-01-16 13:50 ` [Qemu-devel] [PATCH 4/8] pc: Fix unchecked strdup() by switching to fw_cfg_add_string() Markus Armbruster
2013-01-16 13:50 ` [Qemu-devel] [PATCH 5/8] sun4: " Markus Armbruster
2013-01-16 13:50 ` [Qemu-devel] [PATCH 6/8] pc: Clean up bochs_bios_init()'s (non-)use of sizeof Markus Armbruster
2013-01-16 13:50 ` Markus Armbruster [this message]
2013-01-16 13:50 ` [Qemu-devel] [PATCH 8/8] vl: Use size_t for sizes in get_boot_devices_list() Markus Armbruster
2013-01-17 13:16 ` [Qemu-devel] [PATCH 0/8] Fixes and cleanups around fw_cfg Gleb Natapov
2013-01-19 13:59 ` Blue Swirl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1358344229-18006-8-git-send-email-armbru@redhat.com \
--to=armbru@redhat.com \
--cc=aliguori@us.ibm.com \
--cc=blauwirbel@gmail.com \
--cc=gleb@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).