From: Laurent Vivier <laurent@vivier.eu>
To: Peter Maydell <peter.maydell@linaro.org>
Cc: Riku Voipio <riku.voipio@iki.fi>,
Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>,
QEMU Developers <qemu-devel@nongnu.org>,
Filip Bozuta <Filip.Bozuta@syrmia.com>,
Artyom Tarasenko <atar4qemu@gmail.com>
Subject: Re: [PULL 11/12] linux-user: Add strace support for printing arguments of ioctl()
Date: Thu, 9 Jul 2020 17:28:34 +0200
Message-ID: <8ca4bf38-b783-7a0c-06c0-44dc46d284ac@vivier.eu>
In-Reply-To: <CAFEAcA-AYy_ixjHsX+OYN=Vx-63qdeEDY-cTit7A7wHLMiq_xA@mail.gmail.com>
On 09/07/2020 at 17:20, Peter Maydell wrote:
> On Sat, 4 Jul 2020 at 17:36, Laurent Vivier <laurent@vivier.eu> wrote:
>>
>> From: Filip Bozuta <Filip.Bozuta@syrmia.com>
>>
>> This patch implements functionality for strace argument printing for ioctls.
>
> Hi; Coverity points out some issues in this change:
>
>
>> +#ifdef TARGET_NR_ioctl
>> +static void
>> +print_syscall_ret_ioctl(const struct syscallname *name, abi_long ret,
>> + abi_long arg0, abi_long arg1, abi_long arg2,
>> + abi_long arg3, abi_long arg4, abi_long arg5)
>> +{
>> + print_syscall_err(ret);
>> +
>> + if (ret >= 0) {
>> + qemu_log(TARGET_ABI_FMT_ld, ret);
>> +
>> + const IOCTLEntry *ie;
>> + const argtype *arg_type;
>> + void *argptr;
>> + int target_size;
>> +
>> + for (ie = ioctl_entries; ie->target_cmd != 0; ie++) {
>> + if (ie->target_cmd == arg1) {
>> + break;
>> + }
>> + }
>> +
>> + if (ie->target_cmd == arg1 &&
>> + (ie->access == IOC_R || ie->access == IOC_RW)) {
>> + arg_type = ie->arg_type;
>> + qemu_log(" (");
>> + arg_type++;
>> + target_size = thunk_type_size(arg_type, 0);
>> + argptr = lock_user(VERIFY_READ, arg2, target_size, 1);
>
> Here we fail to check that lock_user() didn't return NULL...
>
>> + thunk_print(argptr, arg_type);
>
> ...which would cause a segfault in thunk_print().
> This is CID 1430271.
>
>> + unlock_user(argptr, arg2, target_size);
>> + qemu_log(")");
>> + }
>> + }
>> + qemu_log("\n");
>> +}
>> +#endif
>
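
Review bot: the arg_type++ step in print_syscall_ret_ioctl() is guarded only by the ie->access test, so it assumes the entry's first type element is a pointer marker, whereas print_ioctl() reaches the same increment only under its case TYPE_PTR label. Checking arg_type[0] == TYPE_PTR before advancing would keep the two paths consistent. For the lock_user() failure itself, the NULL check should skip both thunk_print() and unlock_user() while still emitting the closing ")" so that the log line stays balanced.
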
>> +#ifdef TARGET_NR_ioctl
>> +static void
>> +print_ioctl(const struct syscallname *name,
>> + abi_long arg0, abi_long arg1, abi_long arg2,
>> + abi_long arg3, abi_long arg4, abi_long arg5)
>> +{
>
>> + case TYPE_PTR:
>> + switch (ie->access) {
>> + case IOC_R:
>> + print_pointer(arg2, 1);
>> + break;
>> + case IOC_W:
>> + case IOC_RW:
>> + arg_type++;
>> + target_size = thunk_type_size(arg_type, 0);
>> + argptr = lock_user(VERIFY_READ, arg2, target_size, 1);
>> + thunk_print(argptr, arg_type);
>
> Similarly here we need to check that lock_user didn't fail.
> This is CID 1430272.
>
>> + unlock_user(argptr, arg2, target_size);
>> + break;
>> + }
>> + break;
>> + default:
>> + g_assert_not_reached();
>> + }
>> + }
>> + }
>> + print_syscall_epilogue(name);
>> +}
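
Review bot: the inner switch (ie->access) under case TYPE_PTR has no default label, so an entry whose access is none of IOC_R, IOC_W or IOC_RW prints nothing for the argument, while the outer switch ends in g_assert_not_reached(). Adding a default to the inner switch would make that case visible. When lock_user() returns NULL in the IOC_W/IOC_RW branch, falling back to print_pointer(arg2, 1), as the IOC_R case already does, would keep the argument in the trace instead of dropping it.
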
Thank you, Peter.

I'll fix that.

Laurent