From patchwork Mon Sep 25 19:40:29 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy X-Patchwork-Id: 1839361 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru header.a=rsa-sha256 header.s=default header.b=WGZW/wyg; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RvYG128htz1yp8 for ; Tue, 26 Sep 2023 05:43:37 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrSI-0002h1-74; Mon, 25 Sep 2023 15:41:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSG-0002es-C9 for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from forwardcorp1b.mail.yandex.net ([2a02:6b8:c02:900:1:45:d181:df01]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSC-0004lF-N5 for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net [IPv6:2a02:6b8:c12:550b:0:640:d49b:0]) by forwardcorp1b.mail.yandex.net (Yandex) with ESMTP id 53C9E63731; Mon, 25 Sep 2023 22:41:07 +0300 (MSK) Received: from 
vsementsov-lin.. (unknown [2a02:6b8:b081:6422::1:2a]) by mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id geUBjG0OhCg0-7T42CIWK; Mon, 25 Sep 2023 22:41:06 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1695670866; bh=IrCX98+BsHKhBATyxoue5K4vzQ6/d4/0Hs7S3KTK9FM=; h=Message-Id:Date:In-Reply-To:Cc:Subject:References:To:From; b=WGZW/wygsfeliGPn25AjtNhNIVpXVOgTDqbham4jhZvUohndryQ3Mo7d+FWvKs90C fHPKXf2l96/0s9JemCWZeDqCPdNLuf4TeibA+w8ZFbMcO2f+IEvQ8tGCpMaeEJh8K+ PQNeaDWqJAqikwackXCjLrLOH+v6L4YTiXUWH5Pg= Authentication-Results: mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru 
From: Vladimir Sementsov-Ogievskiy To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, Philippe Mathieu-Daudé , Peter Maydell , Thomas Huth , Richard Henderson Subject: [PATCH 01/12] hw/core/loader: load_at(): check size Date: Mon, 25 Sep 2023 22:40:29 +0300 Message-Id: <20230925194040.68592-2-vsementsov@yandex-team.ru> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru> References: <20230925194040.68592-1-vsementsov@yandex-team.ru> MIME-Version: 1.0 Received-SPF: pass client-ip=2a02:6b8:c02:900:1:45:d181:df01; envelope-from=vsementsov@yandex-team.ru; helo=forwardcorp1b.mail.yandex.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org This @size parameter often comes from fd. We'd better check it before doing read and allocation. Chose 1G as a high enough empirical bound. Signed-off-by: Vladimir Sementsov-Ogievskiy --- hw/core/loader.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/hw/core/loader.c b/hw/core/loader.c index 4dd5a71fb7..4b67543046 100644 --- a/hw/core/loader.c +++ b/hw/core/loader.c
@@ -281,11 +281,26 @@ ssize_t load_aout(const char *filename, hwaddr addr, int max_sz, /* ELF loader */ +#define ELF_LOAD_MAX (1024 * 1024 * 1024) + static void *load_at(int fd, off_t offset, size_t size) { void *ptr; - if (lseek(fd, offset, SEEK_SET) < 0) + + /* + * We often come here with @size, which was previously read from file + * descriptor too. That's not good to read and allocate for unchecked + * number of bytes. Coverity also doesn't like it and generate problems. + * So, let's limit all load_at() calls to ELF_LOAD_MAX at least. + */ + if (size > ELF_LOAD_MAX) { return NULL; + } + + if (lseek(fd, offset, SEEK_SET) < 0) { + return NULL; + } + ptr = g_malloc(size); if (read(fd, ptr, size) != size) { g_free(ptr); From patchwork Mon Sep 25 19:40:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy X-Patchwork-Id: 1839350 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru header.a=rsa-sha256 header.s=default header.b=cw3NglVq; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RvYD54Slgz1yp8 for ; Tue, 26 Sep 2023 05:41:57 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrSH-0002ft-Kb; Mon, 25 Sep 2023 15:41:17 -0400 Received: from eggs.gnu.org 
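Review bot: the new `size > ELF_LOAD_MAX` guard returns NULL with no diagnostic, so a caller cannot tell an oversized section from an lseek()/read() failure; a trace point or a comment at that return would make it visible when a legitimately large image is refused. The bound also makes the pre-existing `read(fd, ptr, size) != size` comparison sound, since a `size` capped at 1G always fits in ssize_t; that is worth stating in the block comment instead of only that Coverity "doesn't like it". Minor: "generate problems" should read "generates problems".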
([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSG-0002er-Aa for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from forwardcorp1b.mail.yandex.net ([2a02:6b8:c02:900:1:45:d181:df01]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSC-0004lM-Mp for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net [IPv6:2a02:6b8:c12:550b:0:640:d49b:0]) by forwardcorp1b.mail.yandex.net (Yandex) with ESMTP id AC27163737; Mon, 25 Sep 2023 22:41:08 +0300 (MSK) Received: from vsementsov-lin.. (unknown [2a02:6b8:b081:6422::1:2a]) by mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id geUBjG0OhCg0-fV5f2sNy; Mon, 25 Sep 2023 22:41:08 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1695670868; bh=JAF11x7KyYuN+fvzvEHiESvT4PFt8h3GAP26ItWhJ6M=; h=Message-Id:Date:In-Reply-To:Cc:Subject:References:To:From; b=cw3NglVq6g/ugwSg4d5R0q3qyGNCI40/cg4oGDFbNo5uj89piwcn3IXWRbgf+zvpx JqWHEaOgT3EnlkioWGl0DemDVAT2u9iFJeKVG59coYj44qSkW4V74Syz+leWHBsVSf 8O3XhT+4Vy29FBNuMoYJmC4441VtHpP7MScJYxN8= Authentication-Results: mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru 
From: Vladimir Sementsov-Ogievskiy To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, "Michael S. Tsirkin" , Peter Xu , Jason Wang , Richard Henderson , Eduardo Habkost , Marcel Apfelbaum Subject: [PATCH 02/12] hw/i386/intel_iommu: vtd_slpte_nonzero_rsvd(): reduce magic numbers Date: Mon, 25 Sep 2023 22:40:30 +0300 Message-Id: <20230925194040.68592-3-vsementsov@yandex-team.ru> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru> References: <20230925194040.68592-1-vsementsov@yandex-team.ru> MIME-Version: 1.0 Received-SPF: pass client-ip=2a02:6b8:c02:900:1:45:d181:df01; envelope-from=vsementsov@yandex-team.ru; helo=forwardcorp1b.mail.yandex.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Add a constant and clear assertion. The assertion also tells Coverity that we are not going to overflow the array. Signed-off-by: Vladimir Sementsov-Ogievskiy Reviewed-by: Peter Maydell --- hw/i386/intel_iommu.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index c0ce896668..2233dbe13a 100644 --- a/hw/i386/intel_iommu.c +++ b/hw/i386/intel_iommu.c 
@@ -1028,12 +1028,17 @@ static dma_addr_t vtd_get_iova_pgtbl_base(IntelIOMMUState *s, * vtd_spte_rsvd 4k pages * vtd_spte_rsvd_large large pages */ -static uint64_t vtd_spte_rsvd[5]; -static uint64_t vtd_spte_rsvd_large[5]; +#define VTD_SPTE_RSVD_LEN 5 +static uint64_t vtd_spte_rsvd[VTD_SPTE_RSVD_LEN]; +static uint64_t vtd_spte_rsvd_large[VTD_SPTE_RSVD_LEN]; static bool vtd_slpte_nonzero_rsvd(uint64_t slpte, uint32_t level) { - uint64_t rsvd_mask = vtd_spte_rsvd[level]; + uint64_t rsvd_mask; + + assert(level < VTD_SPTE_RSVD_LEN); + + rsvd_mask = vtd_spte_rsvd[level]; if ((level == VTD_SL_PD_LEVEL || level == VTD_SL_PDP_LEVEL) && (slpte & VTD_SL_PT_PAGE_SIZE_MASK)) { From patchwork Mon Sep 25 19:40:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy X-Patchwork-Id: 1839362 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru header.a=rsa-sha256 header.s=default header.b=ddn8458B; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RvYG142Mvz1yqR for ; Tue, 26 Sep 2023 05:43:37 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrSI-0002h6-PV; Mon, 25 Sep 2023 15:41:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps 
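Review bot: `VTD_SPTE_RSVD_LEN 5` still hard-codes the relationship "highest paging level + 1"; defining it from the level macros this function already uses (VTD_SL_PD_LEVEL, VTD_SL_PDP_LEVEL and the levels above them) would let the new `assert(level < VTD_SPTE_RSVD_LEN)` enforce that relationship rather than a bare number that can drift. The assert is appropriate only because `level` is derived from QEMU's own page-walk parameters and not read from guest memory; if a caller ever passed a level taken from a guest-written structure this would become a guest-triggerable abort, so a one-line comment stating that `level` is trusted would help future readers.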
(TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSG-0002fL-Jo for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from forwardcorp1b.mail.yandex.net ([178.154.239.136]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSD-0004lQ-Mz for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net [IPv6:2a02:6b8:c12:550b:0:640:d49b:0]) by forwardcorp1b.mail.yandex.net (Yandex) with ESMTP id 506596373A; Mon, 25 Sep 2023 22:41:09 +0300 (MSK) Received: from vsementsov-lin.. (unknown [2a02:6b8:b081:6422::1:2a]) by mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id geUBjG0OhCg0-7VSD6wMv; Mon, 25 Sep 2023 22:41:08 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1695670868; bh=udxd0/JSFufe9JLT7bXz/dMVFUwqQDx8UQQ6D+xT8K4=; h=Message-Id:Date:In-Reply-To:Cc:Subject:References:To:From; b=ddn8458BPJ2phxLkF+bsbzhILVpLH5tYypZUG5UTc8pgVlq74+2ztNqWOPFTdQJQd SVgdfYSHyUlUlVkTJhr26hdI7P0mVAMbtHj6c/7mHOPaFfRnLOqmSDWf7I7XfDpse5 7FlZnovyW7lgxBpx0G8/trx/WVSBlGYhTh55nfxw= Authentication-Results: mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru 
From: Vladimir Sementsov-Ogievskiy To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, Daniel P. Berrangé Subject: [PATCH 03/12] util/filemonitor-inotify: qemu_file_monitor_watch(): avoid overflow Date: Mon, 25 Sep 2023 22:40:31 +0300 Message-Id: <20230925194040.68592-4-vsementsov@yandex-team.ru> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru> References: <20230925194040.68592-1-vsementsov@yandex-team.ru> MIME-Version: 1.0 Received-SPF: pass client-ip=178.154.239.136; envelope-from=vsementsov@yandex-team.ru; helo=forwardcorp1b.mail.yandex.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Prefer clear assertions instead of possible array overflow. Signed-off-by: Vladimir Sementsov-Ogievskiy --- util/filemonitor-inotify.c | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/util/filemonitor-inotify.c b/util/filemonitor-inotify.c index 2c45f7f176..09ef240174 100644 --- a/util/filemonitor-inotify.c +++ b/util/filemonitor-inotify.c
@@ -81,16 +81,21 @@ static void qemu_file_monitor_watch(void *arg) /* Loop over all events in the buffer */ while (used < len) { - struct inotify_event *ev = - (struct inotify_event *)(buf + used); - const char *name = ev->len ? ev->name : ""; - QFileMonitorDir *dir = g_hash_table_lookup(mon->idmap, - GINT_TO_POINTER(ev->wd)); - uint32_t iev = ev->mask & - (IN_CREATE | IN_MODIFY | IN_DELETE | IN_IGNORED | - IN_MOVED_TO | IN_MOVED_FROM | IN_ATTRIB); + const char *name; + QFileMonitorDir *dir; + uint32_t iev; int qev; gsize i; + struct inotify_event *ev = (struct inotify_event *)(buf + used); + + assert(len - used >= sizeof(struct inotify_event)); + assert(len - used - sizeof(struct inotify_event) >= ev->len); + + name = ev->len ? ev->name : ""; + dir = g_hash_table_lookup(mon->idmap, GINT_TO_POINTER(ev->wd)); + iev = ev->mask & + (IN_CREATE | IN_MODIFY | IN_DELETE | IN_IGNORED | + IN_MOVED_TO | IN_MOVED_FROM | IN_ATTRIB); used += sizeof(struct inotify_event) + ev->len; From patchwork Mon Sep 25 19:40:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy X-Patchwork-Id: 1839359 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru header.a=rsa-sha256 header.s=default header.b=IIDPTtsQ; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RvYFT3ghvz1yp8 for ; 
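Review bot: the two asserts express the kernel's contract that inotify never returns a truncated event, which is the right thing to put in an assert(); but they depend on the loop guard `used < len` to keep `len - used` from wrapping, and if `len` is the signed return of read() while `used` is unsigned, a later change to the loop condition could silently turn the first check into one that always passes. A short comment above the asserts stating that `used < len` is assumed would protect against that. Keep the current ordering: `ev` is only formed from `buf + used` before the first assert, and `ev->len` is not dereferenced until the header-size check has passed.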
Tue, 26 Sep 2023 05:43:09 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrSH-0002fV-0R; Mon, 25 Sep 2023 15:41:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSF-0002ea-4A for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:15 -0400 Received: from forwardcorp1c.mail.yandex.net ([2a02:6b8:c03:500:1:45:d181:df01]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSC-0004lT-PL for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:14 -0400 Received: from mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net [IPv6:2a02:6b8:c12:550b:0:640:d49b:0]) by forwardcorp1c.mail.yandex.net (Yandex) with ESMTP id EC59760124; Mon, 25 Sep 2023 22:41:09 +0300 (MSK) Received: from vsementsov-lin.. (unknown [2a02:6b8:b081:6422::1:2a]) by mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id geUBjG0OhCg0-i5fEULcv; Mon, 25 Sep 2023 22:41:09 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1695670869; bh=APD63jVjpKGyXrrj8bpH2G86emsF9emrRj2IUL6CpiU=; h=Message-Id:Date:In-Reply-To:Cc:Subject:References:To:From; b=IIDPTtsQq+4TI6eAa2x6BX+wBpUIcdB5yfUy3BHw94Y5YARSZUBtt2F0sLfvf1coJ bcU5C3iZMGf1iWVC0kCnofoajdr21bWShJpueytgbZ4RhJJFOLx/X3TzqrUcuj658Q tLV5DqHaYzlx1i25eeFPWBKpjLUvAcTXzORIAw6o= Authentication-Results: mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru 
From: Vladimir Sementsov-Ogievskiy To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, "Michael S. Tsirkin" Subject: [PATCH 04/12] libvhost-user.c: add assertion to vu_message_read_default Date: Mon, 25 Sep 2023 22:40:32 +0300 Message-Id: <20230925194040.68592-5-vsementsov@yandex-team.ru> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru> References: <20230925194040.68592-1-vsementsov@yandex-team.ru> MIME-Version: 1.0 Received-SPF: pass client-ip=2a02:6b8:c03:500:1:45:d181:df01; envelope-from=vsementsov@yandex-team.ru; helo=forwardcorp1c.mail.yandex.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Explain to Coverity that we are not going to overflow vmsg->fds. Signed-off-by: Vladimir Sementsov-Ogievskiy --- subprojects/libvhost-user/libvhost-user.c | 1 + 1 file changed, 1 insertion(+) diff --git a/subprojects/libvhost-user/libvhost-user.c b/subprojects/libvhost-user/libvhost-user.c index 0469a50101..49b57c7ef4 100644 --- a/subprojects/libvhost-user/libvhost-user.c +++ b/subprojects/libvhost-user/libvhost-user.c
@@ -322,6 +322,7 @@ vu_message_read_default(VuDev *dev, int conn_fd, VhostUserMsg *vmsg) if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) { fd_size = cmsg->cmsg_len - CMSG_LEN(0); vmsg->fd_num = fd_size / sizeof(int); + assert(fd_size < VHOST_MEMORY_BASELINE_NREGIONS); memcpy(vmsg->fds, CMSG_DATA(cmsg), fd_size); break; } From patchwork Mon Sep 25 19:40:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy X-Patchwork-Id: 1839355 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru header.a=rsa-sha256 header.s=default header.b=xD518qml; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RvYF61w6Qz1yp8 for ; Tue, 26 Sep 2023 05:42:50 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrSJ-0002ha-8z; Mon, 25 Sep 2023 15:41:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSG-0002ev-DB for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:17 -0400 Received: from forwardcorp1c.mail.yandex.net ([2a02:6b8:c03:500:1:45:d181:df01]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSD-0004mt-F7 
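Review bot: the bound in `assert(fd_size < VHOST_MEMORY_BASELINE_NREGIONS)` compares a byte count against an element count: `fd_size` is `cmsg_len - CMSG_LEN(0)` in bytes, while the array it is meant to protect (`vmsg->fds`, as the commit message says) has VHOST_MEMORY_BASELINE_NREGIONS int slots, so the check is both in the wrong unit and too strict (with 4-byte ints it rejects any message carrying two or more descriptors, and the `<` also rejects an exactly full array). `assert(fd_size <= sizeof(vmsg->fds));`, or equivalently `assert(vmsg->fd_num <= VHOST_MEMORY_BASELINE_NREGIONS);`, states the real invariant. Separately, the cmsg is supplied by the socket peer, so an assert turns a malformed message into a process abort of the back-end; since this function returns bool and the file already has vu_panic() for protocol violations, failing the read would reject the message without taking the daemon down.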
for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net [IPv6:2a02:6b8:c12:550b:0:640:d49b:0]) by forwardcorp1c.mail.yandex.net (Yandex) with ESMTP id 140D660153; Mon, 25 Sep 2023 22:41:11 +0300 (MSK) Received: from vsementsov-lin.. (unknown [2a02:6b8:b081:6422::1:2a]) by mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id geUBjG0OhCg0-5oRQ8Zbd; Mon, 25 Sep 2023 22:41:10 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1695670870; bh=TDaHag51snfRqyz98agZxwCE0S8VXdIHLEWvamoUc1c=; h=Message-Id:Date:In-Reply-To:Cc:Subject:References:To:From; b=xD518qmlSt7Qhd5eSNufxV55PpGgrXuebEtfjSY2nWPyewivk+ddbrdEyTfUEK13s 1ve+qLPa6VfvO0xI/1ApMrhSfc52apckYlt5m2oBLvX8AYqJ9S0yAKK16WRd7Z80OC v+tbLrSXxg3fw90l++dG9fcgd8QanXDviT4fs0tw= Authentication-Results: mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru 
From: Vladimir Sementsov-Ogievskiy To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, Alistair Francis , David Gibson Subject: [PATCH 05/12] device_tree: qmp_dumpdtb(): stronger assertion Date: Mon, 25 Sep 2023 22:40:33 +0300 Message-Id: <20230925194040.68592-6-vsementsov@yandex-team.ru> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru> References: <20230925194040.68592-1-vsementsov@yandex-team.ru> MIME-Version: 1.0 Received-SPF: pass client-ip=2a02:6b8:c03:500:1:45:d181:df01; envelope-from=vsementsov@yandex-team.ru; helo=forwardcorp1c.mail.yandex.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Coverity marks this size, got from the buffer, as an untrusted value; it's not good to use it as a length when writing to a file. Make the assertion more strict to also check the upper bound. Signed-off-by: Vladimir Sementsov-Ogievskiy Reviewed-by: Alistair Francis --- softmmu/device_tree.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/softmmu/device_tree.c b/softmmu/device_tree.c index 30aa3aea9f..adc4236e21 100644 --- a/softmmu/device_tree.c +++ b/softmmu/device_tree.c
@@ -660,7 +660,7 @@ void qmp_dumpdtb(const char *filename, Error **errp) size = fdt_totalsize(current_machine->fdt); - g_assert(size > 0); + g_assert(size > 0 && size <= FDT_MAX_SIZE); if (!g_file_set_contents(filename, current_machine->fdt, size, &err)) { error_setg(errp, "Error saving FDT to file %s: %s", From patchwork Mon Sep 25 19:40:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy X-Patchwork-Id: 1839357 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru header.a=rsa-sha256 header.s=default header.b=wqVpT8lb; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RvYF75cRYz1yp8 for ; Tue, 26 Sep 2023 05:42:51 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrSJ-0002hd-CE; Mon, 25 Sep 2023 15:41:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSH-0002fo-IB for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:17 -0400 Received: from forwardcorp1b.mail.yandex.net ([178.154.239.136]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSE-0004mx-1n for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:17 
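Review bot: `g_assert(size > 0 && size <= FDT_MAX_SIZE)` is a valid invariant only if every path that builds or grows `current_machine->fdt` respects FDT_MAX_SIZE; if some board code can install a larger blob, this turns the dumpdtb QMP command into an abort of the running VM instead of a failed command. Because `size` comes from fdt_totalsize() on a blob QEMU itself constructed, asserting is reasonable, but the commit message should say where the upper bound is enforced rather than only that Coverity flags the value as tainted; the alternative is to return an error through `errp` for an out-of-range size and keep the assert for the `size > 0` part.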
-0400 Received: from mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net [IPv6:2a02:6b8:c12:550b:0:640:d49b:0]) by forwardcorp1b.mail.yandex.net (Yandex) with ESMTP id A246C6373E; Mon, 25 Sep 2023 22:41:11 +0300 (MSK) Received: from vsementsov-lin.. (unknown [2a02:6b8:b081:6422::1:2a]) by mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id geUBjG0OhCg0-6y8RApFp; Mon, 25 Sep 2023 22:41:11 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1695670871; bh=3MG107ct8Ug6ljNO236hrBkDgC4FelsYjZS2SdUxMYM=; h=Message-Id:Date:In-Reply-To:Cc:Subject:References:To:From; b=wqVpT8lbJncgL1EtXeJNFufIxjNy0HuwBM9KyBc2xw3Opa3e/y/rusX4r/nvUhzvb sHgLNiZjJLPOEw6Yu+VdJGoe2WLZBJt9IjFAFo85594ZUMDQN0uLM3YD5qayXTvj0h 9Ob57AoldyPR7LFm6A73qy2QW7I5KeK5aPZpJOtQ= Authentication-Results: mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru 
From: Vladimir Sementsov-Ogievskiy To: qemu-devel@nongnu.org Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, "Michael S. Tsirkin" Subject: [PATCH 06/12] mc146818rtc: rtc_set_time(): initialize tm to zeroes Date: Mon, 25 Sep 2023 22:40:34 +0300 Message-Id: <20230925194040.68592-7-vsementsov@yandex-team.ru> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru> References: <20230925194040.68592-1-vsementsov@yandex-team.ru> MIME-Version: 1.0 Received-SPF: pass client-ip=178.154.239.136; envelope-from=vsementsov@yandex-team.ru; helo=forwardcorp1b.mail.yandex.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org The set_time() function doesn't set all the fields, so it's better to initialize the tm structure. And Coverity will be happier about it. Signed-off-by: Vladimir Sementsov-Ogievskiy --- hw/rtc/mc146818rtc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hw/rtc/mc146818rtc.c b/hw/rtc/mc146818rtc.c index c27c362db9..b63e1aeaea 100644 --- a/hw/rtc/mc146818rtc.c +++ b/hw/rtc/mc146818rtc.c
@@ -599,7 +599,7 @@ static void rtc_get_time(MC146818RtcState *s, struct tm *tm) static void rtc_set_time(MC146818RtcState *s) { - struct tm tm; + struct tm tm = {0}; g_autofree const char *qom_path = object_get_canonical_path(OBJECT(s)); rtc_get_time(s, &tm); From patchwork Mon Sep 25 19:40:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy X-Patchwork-Id: 1839353 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=yandex-team.ru header.i=@yandex-team.ru header.a=rsa-sha256 header.s=default header.b=OYRLkIWw; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=nongnu.org (client-ip=209.51.188.17; helo=lists.gnu.org; envelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org; receiver=patchwork.ozlabs.org) Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4RvYDH0JbMz1yqR for ; Tue, 26 Sep 2023 05:42:07 +1000 (AEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrSK-0002iM-2S; Mon, 25 Sep 2023 15:41:20 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSH-0002fi-Fg for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:17 -0400 Received: from forwardcorp1b.mail.yandex.net ([2a02:6b8:c02:900:1:45:d181:df01]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrSD-0004n1-TO for qemu-devel@nongnu.org; Mon, 25 Sep 2023 15:41:16 -0400 Received: from 
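Review bot: the commit message names set_time(), but the function that leaves fields of `tm` unset is rtc_get_time(), which the hunk shows being called immediately after the initialization; the message should name it so the rationale matches the code. `struct tm tm = {0};` is the right fix: it also covers tm_wday, tm_yday, tm_isdst and any platform-specific members (such as glibc's tm_gmtoff) that a later time-conversion call could otherwise read uninitialised.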
mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net [IPv6:2a02:6b8:c12:550b:0:640:d49b:0]) by forwardcorp1b.mail.yandex.net (Yandex) with ESMTP id 583B163743; Mon, 25 Sep 2023 22:41:12 +0300 (MSK) Received: from vsementsov-lin.. (unknown [2a02:6b8:b081:6422::1:2a]) by mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net (smtpcorp/Yandex) with ESMTPSA id geUBjG0OhCg0-ezVntqZu; Mon, 25 Sep 2023 22:41:11 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex-team.ru; s=default; t=1695670871; bh=3bfRsX2bcaRNysuZopQT1GUhW00NrecV1SjNahVWt/I=; h=Message-Id:Date:In-Reply-To:Cc:Subject:References:To:From; b=OYRLkIWw32ZmXjpQZKiBWh2L7dGx3v25cPagkFXjtll4+rOP9yr9luxzNoSwSyhZu cTduvbZq0QaBU2Z1Kce9DoDxcA09OrNxJSNHjh2sAq3SLN37vLzSZPG3LG1I5if1Nv dsJ0JvmfIEP1koIEITolVSTiOJpvL2nhK6s+DXSI= Authentication-Results: mail-nwsmtp-smtp-corp-main-62.myt.yp-c.yandex.net; dkim=pass header.i=@yandex-team.ru 
From: Vladimir Sementsov-Ogievskiy
To: qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, "Michael S. Tsirkin", Marcel Apfelbaum
Subject: [PATCH 07/12] pcie_sriov: unregister_vfs(): fix error path
Date: Mon, 25 Sep 2023 22:40:35 +0300
Message-Id: <20230925194040.68592-8-vsementsov@yandex-team.ru>
In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru>

local_err must be NULL before calling object_property_set_bool(), so we must clear it on each iteration. Let's also use the more convenient error_reportf_err().

Signed-off-by: Vladimir Sementsov-Ogievskiy
---
 hw/pci/pcie_sriov.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

diff --git a/hw/pci/pcie_sriov.c b/hw/pci/pcie_sriov.c
index 76a3b6917e..5ef8950940 100644
--- a/hw/pci/pcie_sriov.c
+++ b/hw/pci/pcie_sriov.c
@@ -196,19 +196,16 @@ static void register_vfs(PCIDevice *dev) static void unregister_vfs(PCIDevice *dev) { - Error *local_err = NULL; uint16_t num_vfs = dev->exp.sriov_pf.num_vfs; uint16_t i; trace_sriov_unregister_vfs(dev->name, PCI_SLOT(dev->devfn), PCI_FUNC(dev->devfn), num_vfs); for (i = 0; i < num_vfs; i++) { + Error *err = NULL; PCIDevice *vf = dev->exp.sriov_pf.vf[i]; - object_property_set_bool(OBJECT(vf), "realized", false, &local_err); - if (local_err) { - fprintf(stderr, "Failed to unplug: %s\n", - error_get_pretty(local_err)); - error_free(local_err); + if (!object_property_set_bool(OBJECT(vf), "realized", false, &err)) { + error_reportf_err(err, "Failed to unplug: "); } object_unparent(OBJECT(vf)); object_unref(OBJECT(vf));
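Review bot: In the unregister_vfs() hunk, error_reportf_err() consumes and frees `err`, so dropping the explicit error_free() is correct, and the per-iteration `Error *err = NULL` guarantees a clean pointer before each object_property_set_bool() call. The loop still proceeds to object_unparent(OBJECT(vf)) and object_unref(OBJECT(vf)) after a failed unrealize, as it did before; a short comment stating that this is intentional (the VF is torn down regardless) would save the next reader from wondering whether a `continue` was forgotten.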

From patchwork Mon Sep 25 19:40:36 2023
X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy
X-Patchwork-Id: 1839354
From: Vladimir Sementsov-Ogievskiy
To: qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, Stefan Hajnoczi, Fam Zheng, Philippe Mathieu-Daudé, Kevin Wolf, Hanna Reitz, qemu-block@nongnu.org (open list:NVMe Block Driver)
Subject: [PATCH 08/12] block/nvme: nvme_process_completion() fix bound for cid
Date: Mon, 25 Sep 2023 22:40:36 +0300
Message-Id: <20230925194040.68592-9-vsementsov@yandex-team.ru>
In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru>

NVMeQueuePair::reqs has length NVME_NUM_REQS, which is less than NVME_QUEUE_SIZE by 1.

Signed-off-by: Vladimir Sementsov-Ogievskiy
---
 block/nvme.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/block/nvme.c b/block/nvme.c
index b6e95f0b7e..7f11ce1d46 100644
--- a/block/nvme.c
+++ b/block/nvme.c
@@ -416,9 +416,9 @@ static bool nvme_process_completion(NVMeQueuePair *q) q->cq_phase = !q->cq_phase; } cid = le16_to_cpu(c->cid); - if (cid == 0 || cid > NVME_QUEUE_SIZE) { - warn_report("NVMe: Unexpected CID in completion queue: %"PRIu32", " - "queue size: %u", cid, NVME_QUEUE_SIZE); + if (cid == 0 || cid > NVME_NUM_REQS) { + warn_report("NVMe: Unexpected CID in completion queue: %" PRIu32 + ", should be within is: 1..%u", cid, NVME_NUM_REQS); continue; } trace_nvme_complete_command(s, q->index, cid);
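Review bot: The new warn_report() text in the nvme_process_completion() hunk reads oddly, `", should be within is: 1..%u"`; suggest `", expected 1..%u"` so the message is grammatical and states the valid range directly. The bound itself now matches the length of the array the CID indexes, as the commit message says, and that is the substantive fix.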

From patchwork Mon Sep 25 19:40:37 2023
X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy
X-Patchwork-Id: 1839358
From: Vladimir Sementsov-Ogievskiy
To: qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, kvm@vger.kernel.org (open list:Overall KVM CPUs)
Subject: [PATCH 09/12] kvm-all: introduce limits for name_size and num_desc
Date: Mon, 25 Sep 2023 22:40:37 +0300
Message-Id: <20230925194040.68592-10-vsementsov@yandex-team.ru>
In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru>

Coverity doesn't like it when a value with unchecked bounds that comes from an fd is used as a length for IO or allocation. And really, that's not good practice. Let's introduce at least empirical limits for these values.

Signed-off-by: Vladimir Sementsov-Ogievskiy
---
 accel/kvm/kvm-all.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index ff1578bb32..6d0ba7d900 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -3988,6 +3988,9 @@ typedef struct StatsDescriptors { static QTAILQ_HEAD(, StatsDescriptors) stats_descriptors = QTAILQ_HEAD_INITIALIZER(stats_descriptors); + +#define KVM_STATS_QEMU_MAX_NAME_SIZE (1024 * 1024) +#define KVM_STATS_QEMU_MAX_NUM_DESC (1024) /* * Return the descriptors for 'target', that either have already been read * or are retrieved from 'stats_fd'. 
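Review bot: KVM_STATS_QEMU_MAX_NAME_SIZE and KVM_STATS_QEMU_MAX_NUM_DESC are added without a comment; since the commit message calls them empirical, say so next to the defines (e.g. `/* sanity limits for values read from the stats fd; not kernel ABI */`) so they are not mistaken for kernel-defined maxima. A blank line between the second define and the following comment block would also match the surrounding layout.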
@@ -4021,6 +4024,18 @@ static StatsDescriptors *find_stats_descriptors(StatsTarget target, int stats_fd g_free(descriptors); return NULL; } + if (kvm_stats_header->name_size > KVM_STATS_QEMU_MAX_NAME_SIZE) { + error_setg(errp, "KVM stats: too large name_size: %" PRIu32, + kvm_stats_header->name_size); + g_free(descriptors); + return NULL; + } + if (kvm_stats_header->num_desc > KVM_STATS_QEMU_MAX_NUM_DESC) { + error_setg(errp, "KVM stats: too large num_desc: %" PRIu32, + kvm_stats_header->num_desc); + g_free(descriptors); + return NULL; + } size_desc = sizeof(*kvm_stats_desc) + kvm_stats_header->name_size; /* Read stats descriptors */
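Review bot: Both new checks in the find_stats_descriptors() hunk repeat `g_free(descriptors); return NULL;`, as does the existing error path just above them; a single cleanup label would keep the three exits in sync if more resources are acquired later. It is also worth recording in the commit message that the two limits together bound the descriptor read and allocation at num_desc * (sizeof(*kvm_stats_desc) + name_size), roughly 1 GiB at the maxima, since that combined size is what the limits are meant to keep sane.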

From patchwork Mon Sep 25 19:40:38 2023
X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy
X-Patchwork-Id: 1839352
From: Vladimir Sementsov-Ogievskiy
To: qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, Philippe Mathieu-Daudé, Thomas Huth, Peter Maydell, Richard Henderson
Subject: [PATCH 10/12] hw/core/loader: gunzip(): initialize z_stream
Date: Mon, 25 Sep 2023 22:40:38 +0300
Message-Id: <20230925194040.68592-11-vsementsov@yandex-team.ru>
In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru>

Coverity signals that variable as being used uninitialized. And really, when working with external APIs it's better to zero out the structure where we set some fields by hand.

Signed-off-by: Vladimir Sementsov-Ogievskiy
---
 hw/core/loader.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/core/loader.c b/hw/core/loader.c
index 4b67543046..aa02b27089 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c
@@ -573,7 +573,7 @@ static void zfree(void *x, void *addr) ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen) { - z_stream s; + z_stream s = {0}; ssize_t dstbytes; int r, i, flags;
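Review bot: Zero-initialising the z_stream in gunzip() is a real fix rather than a warning silencer: zlib reads zalloc, zfree and opaque during inflateInit2() and treats NULL as "use defaults", so any field the function does not set by hand must be zero rather than stack garbage. A brief comment to that effect above the declaration would explain the initialiser to future readers.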

From patchwork Mon Sep 25 19:40:39 2023
X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy
X-Patchwork-Id: 1839356
From: Vladimir Sementsov-Ogievskiy
To: qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, Philippe Mathieu-Daudé, Peter Maydell, Thomas Huth, Richard Henderson, Cédric Le Goater, Joel Stanley, Alex Bennée, Ard Biesheuvel
Subject: [PATCH 11/12] hw/core/loader: read_targphys(): add upper bound
Date: Mon, 25 Sep 2023 22:40:39 +0300
Message-Id: <20230925194040.68592-12-vsementsov@yandex-team.ru>
In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru>

Coverity doesn't like using "untrusted" values, coming from buffers and fds, as lengths to do IO and allocations. And that makes sense. The function is used three times with an "untrusted" nbytes parameter. Let's introduce at least an empirical limit of 1G for it. While here, make the function static, as it's used only here.

Signed-off-by: Vladimir Sementsov-Ogievskiy
---
 hw/core/loader.c    | 13 ++++++++++---
 include/hw/loader.h |  2 --
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/hw/core/loader.c b/hw/core/loader.c
index aa02b27089..48cff6f59e 100644
--- a/hw/core/loader.c
+++ b/hw/core/loader.c @@ -101,17 +101,24 @@ ssize_t load_image_size(const char *filename, void *addr, size_t size) return actsize < 0 ? -1 : l; } +#define READ_TARGPHYS_MAX_BYTES (1024 * 1024 * 1024) /* read()-like version */ -ssize_t read_targphys(const char *name, - int fd, hwaddr dst_addr, size_t nbytes) +static ssize_t read_targphys(const char *name, + int fd, hwaddr dst_addr, size_t nbytes) { uint8_t *buf; ssize_t did; + if (nbytes > READ_TARGPHYS_MAX_BYTES) { + return -1; + } + buf = g_malloc(nbytes); did = read(fd, buf, nbytes); - if (did > 0) + if (did > 0) { rom_add_blob_fixed("read", buf, did, dst_addr); + } + g_free(buf); return did; } diff --git a/include/hw/loader.h b/include/hw/loader.h index c4c14170ea..e29af233d2 100644 --- a/include/hw/loader.h +++ b/include/hw/loader.h 
@@ -264,8 +264,6 @@ ssize_t load_ramdisk(const char *filename, hwaddr addr, uint64_t max_sz); ssize_t gunzip(void *dst, size_t dstlen, uint8_t *src, size_t srclen); -ssize_t read_targphys(const char *name, - int fd, hwaddr dst_addr, size_t nbytes); void pstrcpy_targphys(const char *name, hwaddr dest, int buf_size, const char *source);
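Review bot: The new `nbytes > READ_TARGPHYS_MAX_BYTES` check in the read_targphys() hunk returns -1 silently, so a rejected image is indistinguishable from a read() failure; an error_report() or warn_report() that includes `name` and nbytes would tell the user why the load stopped. READ_TARGPHYS_MAX_BYTES also deserves a comment saying it is an empirical cap rather than a hardware or file-format limit, and the define would sit more naturally above the "read()-like version" comment than between it and the function. The loader.h hunk is just the matching prototype removal and needs nothing further.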

From patchwork Mon Sep 25 19:40:40 2023
X-Patchwork-Submitter: Vladimir Sementsov-Ogievskiy
X-Patchwork-Id: 1839360
From: Vladimir Sementsov-Ogievskiy
To: qemu-devel@nongnu.org
Cc: pbonzini@redhat.com, vsementsov@yandex-team.ru, Daniel P. Berrangé
Subject: [PATCH 12/12] io/channel-socket: qio_channel_socket_flush(): improve msg validation
Date: Mon, 25 Sep 2023 22:40:40 +0300
Message-Id: <20230925194040.68592-13-vsementsov@yandex-team.ru>
In-Reply-To: <20230925194040.68592-1-vsementsov@yandex-team.ru>

Signed-off-by: Vladimir Sementsov-Ogievskiy
---
 io/channel-socket.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/io/channel-socket.c b/io/channel-socket.c
index 02ffb51e99..3a899b0608 100644
--- a/io/channel-socket.c
+++ b/io/channel-socket.c
@@ -782,6 +782,11 @@ static int qio_channel_socket_flush(QIOChannel *ioc, "Error not from zero copy"); return -1; } + if (serr->ee_data < serr->ee_info) { + error_setg_errno(errp, serr->ee_origin, + "Wrong notification bounds"); + return -1; + } /* No errors, count successfully finished sendmsg()*/ sioc->zero_copy_sent += serr->ee_data - serr->ee_info + 1;
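Review bot: error_setg_errno() in the new check takes an errno value as its second argument, but serr->ee_origin is the SO_EE_ORIGIN_* code of the extended error, not an errno, so the message will carry an unrelated strerror() text; use error_setg() here, or serr->ee_errno if an errno is wanted. The check itself is right: without it `serr->ee_data - serr->ee_info + 1` wraps around when ee_data < ee_info and zero_copy_sent jumps by a huge amount. The commit message is empty apart from the Signed-off-by and should say this.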