[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v2 06/10] block: Make 'bytes' param of bdrv_co_{pread, pwrite
From: |
Eric Blake |
Subject: |
Re: [PATCH v2 06/10] block: Make 'bytes' param of bdrv_co_{pread, pwrite, preadv, pwritev}() an int64_t |
Date: |
Tue, 17 May 2022 09:32:21 -0500 |
User-agent: |
NeoMutt/20220429-68-cedf86 |
On Fri, May 13, 2022 at 04:57:45PM +0100, Alberto Faria wrote:
> For consistency with other I/O functions, and in preparation to
> implement bdrv_{pread,pwrite}() using generated_co_wrapper.
>
> unsigned int fits in int64_t, so all callers remain correct.
However, future callers that pass in something larger than unsigned int...
> +++ b/include/block/block_int-io.h
> @@ -56,7 +56,7 @@ int coroutine_fn bdrv_co_pwritev_part(BdrvChild *child,
> QEMUIOVector *qiov, size_t qiov_offset, BdrvRequestFlags flags);
>
> static inline int coroutine_fn bdrv_co_pread(BdrvChild *child,
> - int64_t offset, unsigned int bytes, void *buf, BdrvRequestFlags flags)
> + int64_t offset, int64_t bytes, void *buf, BdrvRequestFlags flags)
> {
> QEMUIOVector qiov = QEMU_IOVEC_INIT_BUF(qiov, buf, bytes);
...now end up calling QEMU_IOVEC_INIT_BUF() which tries to do
.local_iov.iov_len = bytes, which can silently overflow on 32-bit
platforms where iov_len is size_t. We need to add a code guard that
callers do not pass in too large of a buffer.
> IO_CODE();
> @@ -65,7 +65,7 @@ static inline int coroutine_fn bdrv_co_pread(BdrvChild
> *child,
> }
>
> static inline int coroutine_fn bdrv_co_pwrite(BdrvChild *child,
> - int64_t offset, unsigned int bytes, const void *buf, BdrvRequestFlags
> flags)
> + int64_t offset, int64_t bytes, const void *buf, BdrvRequestFlags flags)
> {
> QEMUIOVector qiov = QEMU_IOVEC_INIT_BUF(qiov, buf, bytes);
Here as well.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org
- [PATCH v2 00/10] Implement bdrv_{pread, pwrite, pwrite_sync, pwrite_zeroes}() using generated_co_wrapper, Alberto Faria, 2022/05/13
- [PATCH v2 01/10] block: Add a 'flags' param to bdrv_{pread, pwrite, pwrite_sync}(), Alberto Faria, 2022/05/13
- [PATCH v2 02/10] block: Change bdrv_{pread, pwrite, pwrite_sync}() param order, Alberto Faria, 2022/05/13
- [PATCH v2 03/10] block: Make bdrv_{pread, pwrite}() return 0 on success, Alberto Faria, 2022/05/13
- [PATCH v2 04/10] crypto: Make block callbacks return 0 on success, Alberto Faria, 2022/05/13
- [PATCH v2 05/10] block: Make bdrv_co_pwrite() take a const buffer, Alberto Faria, 2022/05/13
- [PATCH v2 06/10] block: Make 'bytes' param of bdrv_co_{pread, pwrite, preadv, pwritev}() an int64_t, Alberto Faria, 2022/05/13
- Re: [PATCH v2 06/10] block: Make 'bytes' param of bdrv_co_{pread, pwrite, preadv, pwritev}() an int64_t,
Eric Blake <=
- Re: [PATCH v2 06/10] block: Make 'bytes' param of bdrv_co_{pread, pwrite, preadv, pwritev}() an int64_t, Alberto Faria, 2022/05/17
- Re: [PATCH v2 06/10] block: Make 'bytes' param of bdrv_co_{pread, pwrite, preadv, pwritev}() an int64_t, Eric Blake, 2022/05/18
- [PATCH v2 07/10] block: Implement bdrv_{pread, pwrite, pwrite_zeroes}() using generated_co_wrapper, Alberto Faria, 2022/05/13
- [PATCH v2 08/10] block: Add bdrv_co_pwrite_sync(), Alberto Faria, 2022/05/13
- [PATCH v2 09/10] block: Use bdrv_co_pwrite_sync() when caller is coroutine_fn, Alberto Faria, 2022/05/13
- [PATCH v2 10/10] block/qcow2: Use bdrv_pwrite_sync() in qcow2_mark_dirty(), Alberto Faria, 2022/05/13