* Re: [Qemu-devel] [PATCH 2/3] virtio: Strictly check queue_size when adding virtqueue
[not found] ` <20110615203602.GB8362@redhat.com>
@ 2011-06-15 22:53 ` Amos Kong
2011-06-15 23:31 ` Anthony Liguori
From: Amos Kong @ 2011-06-15 22:53 UTC (permalink / raw)
To: Michael S. Tsirkin; +Cc: qemu-devel, kvm
On Wed, Jun 15, 2011 at 11:36:02PM +0300, Michael S. Tsirkin wrote:
> On Wed, Jun 15, 2011 at 10:25:33PM +0800, Amos Kong wrote:
> > Qemu should abort when 'queue_size' is less than or equal to zero.
> >
> > Signed-off-by: Amos Kong <akong@redhat.com>
>
> BTW, these patches apply upstream so should be sent to qemu-devel.
>
> > ---
> > hw/virtio.c | 3 ++-
> > 1 files changed, 2 insertions(+), 1 deletions(-)
> >
> > diff --git a/hw/virtio.c b/hw/virtio.c
> > index a3d0eee..855fe54 100644
> > --- a/hw/virtio.c
> > +++ b/hw/virtio.c
> > @@ -612,7 +612,8 @@ VirtQueue *virtio_add_queue(VirtIODevice *vdev, int queue_size,
> > break;
> > }
> >
> > - if (i == VIRTIO_PCI_QUEUE_MAX || queue_size > VIRTQUEUE_MAX_SIZE)
> > + if (i == VIRTIO_PCI_QUEUE_MAX || queue_size > VIRTQUEUE_MAX_SIZE ||
> > + queue_size <= 0)
> > abort();
> >
> > vdev->vq[i].vring.num = queue_size;
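Review bot: the added `queue_size <= 0` test guards a parameter whose signature (`int queue_size` in the hunk header) arguably should not be signed at all; changing the parameter to `unsigned int` makes a negative size unrepresentable, and the existing `queue_size > VIRTQUEUE_MAX_SIZE` comparison then rejects any negative value a caller converts through. Note that the unsigned type alone does not exclude zero, so if a zero-length vring is invalid a `queue_size == 0` term still belongs in the abort condition. Also, a bare `abort()` on a three-way `||` gives no hint which bound failed; splitting the conditions or asserting each separately would make the debugging aid more useful.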
>
> These checks are just a debugging aid - there's no way
> for the guest or user to trigger this.
> I guess it does no harm, but what are we guarding against?
> Why would anyone pass in a negative value?
It seems all existing usages of this function are all right; the guest/user could not trigger this right now.
So we don't need to fix this kind of problem?
* Re: [Qemu-devel] [PATCH 2/3] virtio: Strictly check queue_size when adding virtqueue
2011-06-15 22:53 ` [Qemu-devel] [PATCH 2/3] virtio: Strictly check queue_size when adding virtqueue Amos Kong
@ 2011-06-15 23:31 ` Anthony Liguori
2011-06-16 2:10 ` [Qemu-devel] [PATCH v2] virtio: Define queue_size to unsigned Amos Kong
From: Anthony Liguori @ 2011-06-15 23:31 UTC (permalink / raw)
To: Amos Kong; +Cc: qemu-devel, kvm, Michael S. Tsirkin
On 06/15/2011 05:53 PM, Amos Kong wrote:
> On Wed, Jun 15, 2011 at 11:36:02PM +0300, Michael S. Tsirkin wrote:
>> On Wed, Jun 15, 2011 at 10:25:33PM +0800, Amos Kong wrote:
>>> Qemu should abort when 'queue_size' is less than or equal to zero.
>>>
>>> Signed-off-by: Amos Kong<akong@redhat.com>
>>
>> BTW, these patches apply upstream so should be sent to qemu-devel.
>>
>>> ---
>>> hw/virtio.c | 3 ++-
>>> 1 files changed, 2 insertions(+), 1 deletions(-)
>>>
>>> diff --git a/hw/virtio.c b/hw/virtio.c
>>> index a3d0eee..855fe54 100644
>>> --- a/hw/virtio.c
>>> +++ b/hw/virtio.c
>>> @@ -612,7 +612,8 @@ VirtQueue *virtio_add_queue(VirtIODevice *vdev, int queue_size,
>>> break;
>>> }
>>>
>>> - if (i == VIRTIO_PCI_QUEUE_MAX || queue_size> VIRTQUEUE_MAX_SIZE)
>>> + if (i == VIRTIO_PCI_QUEUE_MAX || queue_size> VIRTQUEUE_MAX_SIZE ||
>>> + queue_size<= 0)
>>> abort();
>>>
>>> vdev->vq[i].vring.num = queue_size;
>>
>> These checks are just a debugging aid - there's no way
>> for the guest or user to trigger this.
>> I guess it does no harm, but what are we guarding against?
>> Why would anyone pass in a negative value?
>
> It seems all existing usages of this function are all right; the guest/user could not trigger this right now.
> So we don't need to fix this kind of problem?
If it's not valid for queue_size to be negative, then the type ought to
be unsigned.
Regards,
Anthony Liguori
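The following C program is an added illustration, not code from this thread or from QEMU, of the difference between the two approaches discussed above: the v1 signed check with an explicit lower bound, and the v2 unsigned parameter that relies on the existing upper-bound comparison. The value of VIRTQUEUE_MAX_SIZE (1024) and the function names are assumptions for the example; the point it demonstrates is that a negative int passed to an unsigned parameter is converted and caught by the upper bound, while zero is not rejected by the unsigned type alone.

```c
#include <stdbool.h>
#include <stdio.h>
#include <limits.h>

/* Assumed for this example; QEMU defines the real VIRTQUEUE_MAX_SIZE in hw/virtio.h. */
#define VIRTQUEUE_MAX_SIZE 1024

/* v1 of the patch: signed parameter plus an explicit lower bound.
 * Returns true when the size would be accepted, false where the
 * original code would abort(). */
bool queue_size_ok_v1(int queue_size)
{
    if (queue_size > VIRTQUEUE_MAX_SIZE || queue_size <= 0) {
        return false;
    }
    return true;
}

/* v2 of the patch: unsigned parameter, only the upper bound is checked. */
bool queue_size_ok_v2(unsigned int queue_size)
{
    if (queue_size > VIRTQUEUE_MAX_SIZE) {
        return false;
    }
    return true;
}

/* A hypothetical caller that still holds the size in an int, as existing
 * call sites do. The implicit int -> unsigned int conversion at the call
 * turns -1 into UINT_MAX, which the upper-bound check then rejects.
 * Zero, however, passes unchanged. */
bool caller_with_signed_size_v2(int requested)
{
    return queue_size_ok_v2(requested);
}

int main(void)
{
    /* Constructed sample sizes covering both bounds and the sign edge cases. */
    const int samples[] = { 256, 1024, 1025, 0, -1 };

    printf("%8s %6s %6s\n", "size", "v1", "v2");
    for (size_t n = 0; n < sizeof samples / sizeof samples[0]; n++) {
        printf("%8d %6s %6s\n", samples[n],
               queue_size_ok_v1(samples[n]) ? "ok" : "abort",
               caller_with_signed_size_v2(samples[n]) ? "ok" : "abort");
    }
    return 0;
}
```

Running it shows both versions rejecting 1025 and -1 and accepting 256 and 1024; the only row where they differ is 0, which v1 aborts on and v2 accepts. That is the gap a reviewer would want closed if a zero-length vring is not a valid configuration.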
* [Qemu-devel] [PATCH v2] virtio: Define queue_size to unsigned
2011-06-15 23:31 ` Anthony Liguori
@ 2011-06-16 2:10 ` Amos Kong
From: Amos Kong @ 2011-06-16 2:10 UTC (permalink / raw)
To: qemu-devel; +Cc: kvm, mst
It's not valid for queue_size to be negative, so the type ought
to be unsigned.
Changes from V1:
- drop the check and just define it to unsigned.
Signed-off-by: Amos Kong <akong@redhat.com>
---
hw/virtio.c | 2 +-
hw/virtio.h | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/virtio.c b/hw/virtio.c
index 6e8814c..4c1e334 100644
--- a/hw/virtio.c
+++ b/hw/virtio.c
@@ -602,7 +602,7 @@ void virtio_queue_set_vector(VirtIODevice *vdev, int n, uint16_t vector)
vdev->vq[n].vector = vector;
}
-VirtQueue *virtio_add_queue(VirtIODevice *vdev, int queue_size,
+VirtQueue *virtio_add_queue(VirtIODevice *vdev, unsigned int queue_size,
void (*handle_output)(VirtIODevice *, VirtQueue *))
{
int i;
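Review bot: with the parameter now `unsigned int queue_size`, the remaining `queue_size > VIRTQUEUE_MAX_SIZE` check in this function rejects any negative value a caller passes (it converts to a large unsigned), but the v1 condition `queue_size <= 0` that this version drops also rejected zero, which now passes. If a zero-length vring is not valid, keep a `queue_size == 0` term in the abort condition; otherwise the commit message should state that zero is accepted. The local `int i` is unaffected since it indexes `VIRTIO_PCI_QUEUE_MAX`, not the size.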
diff --git a/hw/virtio.h b/hw/virtio.h
index bc72289..ff0c9b5 100644
--- a/hw/virtio.h
+++ b/hw/virtio.h
@@ -138,7 +138,7 @@ static inline void virtio_set_status(VirtIODevice *vdev, uint8_t val)
vdev->status = val;
}
-VirtQueue *virtio_add_queue(VirtIODevice *vdev, int queue_size,
+VirtQueue *virtio_add_queue(VirtIODevice *vdev, unsigned int queue_size,
void (*handle_output)(VirtIODevice *,
VirtQueue *));
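Review bot: the prototype change matches the definition in hw/virtio.c, but the contract it now implies (the size is unsigned, must not exceed VIRTQUEUE_MAX_SIZE, and the function aborts otherwise) is not documented at the declaration; a one-line comment above `VirtQueue *virtio_add_queue(VirtIODevice *vdev, unsigned int queue_size,` stating the valid range would help callers, since a negative literal at a call site now converts to a large unsigned value rather than being flagged by the compiler by default.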