In-Reply-To: <20180202155309.2xg2gjcp7wb7bbpe@mwanda>
References: <20180202153240.1190361-1-arnd@arndb.de> <20180202155309.2xg2gjcp7wb7bbpe@mwanda>
From: Arnd Bergmann
Date: Fri, 2 Feb 2018 17:11:02 +0100
Subject: Re: [PATCH] xen: hypercall: fix out-of-bounds memcpy
To: Dan Carpenter
Cc: Boris Ostrovsky, Juergen Gross, Nicolas Pitre, Andi Kleen, Jan Beulich, xen-devel, Linux Kernel Mailing List
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Feb 2, 2018 at 4:53 PM, Dan Carpenter wrote:
> On Fri, Feb 02, 2018 at 04:32:31PM +0100, Arnd Bergmann wrote:
>> --- a/drivers/xen/fallback.c >> +++ b/drivers/xen/fallback.c 
>> @@ -7,75 +7,87 @@ >> >> int xen_event_channel_op_compat(int cmd, void *arg) >> { >> - struct evtchn_op op; >> + struct evtchn_op op = { .cmd = cmd, }; >> + size_t len; >> int rc; >> >> - op.cmd = cmd; >> - memcpy(&op.u, arg, sizeof(op.u)); >> - rc = _hypercall1(int, event_channel_op_compat, &op); >> - >> switch (cmd) { >> + case EVTCHNOP_bind_interdomain: >> + len = sizeof(struct evtchn_bind_interdomain); >> + break;
>
> This was in the original code, but I'm slightly surprised that we're
> using a switch statement here instead of a table. I would have thought
> this is a fast path but I don't know xen at all.

I thought about using a table, but figured the switch statement had a
lower risk of getting something slightly wrong during the conversion.

I would expect gcc to turn this into a table lookup, since all the
constants are consecutive, but it should not really matter since this
is only the fallback path for ancient Xen releases. When Xen guest
support was first merged in 2007, it was already deprecated.

Arnd
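
Review bot: `size_t len;` is declared without an initializer and, in the quoted part of the hunk, is assigned only inside `case EVTCHNOP_bind_interdomain:`, so the new `switch (cmd)` needs a `default:` that returns an error before any copy sized by `len` runs; otherwise an unrecognized `cmd` reaches the copy with an indeterminate length. The quote stops after the first case, so the remaining cases and any default are not visible here and should be checked against the full patch. A one-line comment above the switch stating that `arg` points at the per-command structure, not the whole `op.u` union, would also record why the removed `memcpy(&op.u, arg, sizeof(op.u))` was replaced with a per-command length.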