From nobody Sat Feb 7 06:21:18 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+47213+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1568386271; cv=none; d=zoho.com; s=zohoarc; b=bBEwDSrAVf6OwPF7uNsRdKAgccCnNPW5ociui3mPKFJr5i1bRU0eJEzieCU8PTNOgAlyHSO2J4UY0ZbdVtkGpwUpk65btmUbnJuzlW2kyFlRVdTY7dOrQdcv+vsAVqbej4oLTWHq0F/3JTIon1xaG7h/F6HtQTUemSs5sOgHsws= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com; s=zohoarc; t=1568386271; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To:ARC-Authentication-Results; bh=K0VgrrlVlXccbPMu6xYw+E3QVhPwSD6znzZIKYjMKMk=; b=UnyenhJOqiTE9+0dosGd5O0yaKoaamhArwQayR0UuLCflv7TjVZ5unnxHPQq2cP+MN7rWqh4dM7stFur/jQlP1oCN0bnSYLJzchGfJ5GxpsH3bdOfM4JTvwQItSQv44bAUZI4rXCdJS9bG19GPndT65RmwR19zO7JhL1L2kjssY= ARC-Authentication-Results: i=1; mx.zoho.com; dkim=pass; spf=pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+47213+1787277+3901457@groups.io Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1568386271075404.55109601359095; Fri, 13 Sep 2019 07:51:11 -0700 (PDT) Return-Path: X-Received: from esa1.hc3370-68.iphmx.com (esa1.hc3370-68.iphmx.com []) by groups.io with SMTP; Fri, 13 Sep 2019 07:51:09 -0700 Received-SPF: pass (zoho.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+47213+1787277+3901457@groups.io; helo=web01.groups.io; Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of anthony.perard@citrix.com) identity=pra; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="anthony.perard@citrix.com"; x-sender="anthony.perard@citrix.com"; x-conformance=sidf_compatible Received-SPF: Pass (esa1.hc3370-68.iphmx.com: domain of anthony.perard@citrix.com designates 162.221.158.21 as permitted sender) identity=mailfrom; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="anthony.perard@citrix.com"; x-sender="anthony.perard@citrix.com"; x-conformance=sidf_compatible; x-record-type="v=spf1"; x-record-text="v=spf1 ip4:209.167.231.154 ip4:178.63.86.133 ip4:195.66.111.40/30 ip4:85.115.9.32/28 ip4:199.102.83.4 ip4:192.28.146.160 ip4:192.28.146.107 ip4:216.52.6.88 ip4:216.52.6.188 ip4:162.221.158.21 ip4:162.221.156.83 ~all" Received-SPF: None (esa1.hc3370-68.iphmx.com: no sender authenticity information available from domain of postmaster@mail.citrix.com) identity=helo; client-ip=162.221.158.21; receiver=esa1.hc3370-68.iphmx.com; envelope-from="anthony.perard@citrix.com"; x-sender="postmaster@mail.citrix.com"; x-conformance=sidf_compatible IronPort-SDR: SQpEESrH0HvRSJaZCPM1lFvVPSi/dk4bKcioDSpKcogGwUMge2QvhatUfzWBoEXnD35c0eAM9k l9N4FjJ5+2vRDZ8w4+TJ+71QZMEezuNb39hKkKa/76/QW9NJznKuFn5GsN1k9azylgyNgG/sKj YpBVcCzWdZUBOvmdVTvNiN/p/CW0wMos/4R9N6n/+X0NBTHwpUUWbFu9WeZqCccyNWgNv9Tzve 0GVpQOhmu5sB9l7zq92Pl1GnRVd4mp/UWOQdjKslx3E/sg/ke5sJHbG5pj2QnOhntYyORijqdm LwU= X-SBRS: 2.7 X-MesageID: 5595147 X-Ironport-Server: esa1.hc3370-68.iphmx.com X-Remote-IP: 162.221.158.21 X-Policy: $RELAYED X-IronPort-AV: E=Sophos;i="5.64,501,1559534400"; d="scan'208";a="5595147" From: "Anthony PERARD" To: CC: Ard Biesheuvel , Julien Grall , Jordan Justen , , Anthony Perard , Laszlo Ersek Subject: [edk2-devel] [PATCH 07/11] OvmfPkg/XenBusDxe: Use on stack buffer in internal functions Date: Fri, 13 Sep 2019 15:50:56 +0100 Message-ID: <20190913145100.303433-8-anthony.perard@citrix.com> In-Reply-To: <20190913145100.303433-1-anthony.perard@citrix.com> References: <20190913145100.303433-1-anthony.perard@citrix.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,anthony.perard@citrix.com Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1568386270; bh=K0VgrrlVlXccbPMu6xYw+E3QVhPwSD6znzZIKYjMKMk=; h=CC:Content-Type:Date:From:Reply-To:Subject:To; b=UXW897KzT6amCt8UPbtEJcx3eBqwB9KqPhlzu8fNtUd1raD1LctATVEv3/hJCz9Pr4r 5LM7PqyUwHcrbprkEGjbKk0nNHjzSe0PugpWOYcMGAFtLSI67fQ4t+TsyZpi/1px9CDsM c3kUU2AYJCjBfdWcO3DoS+bk9Qi4KrUWNhg= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" We will use a buffer on the stack instead of allocating memory for internal functions that are expecting a reply from xenstore. The external interface XENBUS_PROTOCOL isn't changed yet, so allocation are made for XsRead and XsBackendRead. Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2190 Signed-off-by: Anthony PERARD --- OvmfPkg/XenBusDxe/XenBus.c | 40 ++++++------ OvmfPkg/XenBusDxe/XenStore.c | 115 ++++++++++++++++++++--------------- OvmfPkg/XenBusDxe/XenStore.h | 17 +++--- 3 files changed, 95 insertions(+), 77 deletions(-) diff --git a/OvmfPkg/XenBusDxe/XenBus.c b/OvmfPkg/XenBusDxe/XenBus.c index bb8ddbc4d4..78835ec7b3 100644 --- a/OvmfPkg/XenBusDxe/XenBus.c +++ b/OvmfPkg/XenBusDxe/XenBus.c @@ -89,19 +89,18 @@ XenBusReadDriverState ( IN CONST CHAR8 *Path ) { - XenbusState State; - CHAR8 *Ptr =3D NULL; + XenbusState State; + CHAR8 Buffer[4]; + UINTN BufferSize; XENSTORE_STATUS Status; =20 - Status =3D XenStoreRead (XST_NIL, Path, "state", NULL, (VOID **)&Ptr); + BufferSize =3D sizeof (Buffer) - 1; + Status =3D XenStoreRead (XST_NIL, Path, "state", &BufferSize, Buffer); if (Status !=3D XENSTORE_STATUS_SUCCESS) { State =3D XenbusStateClosed; } else { - State =3D AsciiStrDecimalToUintn (Ptr); - } - - if (Ptr !=3D NULL) { - FreePool (Ptr); + Buffer[BufferSize] =3D '\0'; + State =3D AsciiStrDecimalToUintn (Buffer); } =20 return State; @@ -129,8 +128,11 @@ XenBusAddDevice ( =20 if (XenStorePathExists (XST_NIL, DevicePath, "")) { XENBUS_PRIVATE_DATA *Child; - enum xenbus_state State; - CHAR8 *BackendPath; + enum xenbus_state State; + CHAR8 BackendPath[XENSTORE_ABS_PATH_MAX + 1]; + UINTN BackendPathSize; + + BackendPathSize =3D sizeof (BackendPath); =20 Child =3D XenBusDeviceInitialized (Dev, DevicePath); if (Child !=3D NULL) { @@ -155,17 +157,18 @@ XenBusAddDevice ( } =20 StatusXenStore =3D XenStoreRead (XST_NIL, DevicePath, "backend", - NULL, (VOID **) &BackendPath); + &BackendPathSize, BackendPath); if (StatusXenStore !=3D XENSTORE_STATUS_SUCCESS) { DEBUG ((EFI_D_ERROR, "xenbus: %a no backend path.\n", DevicePath)); Status =3D EFI_NOT_FOUND; goto out; } + BackendPath[BackendPathSize] =3D '\0'; =20 Private =3D AllocateCopyPool (sizeof (*Private), &gXenBusPrivateData); Private->XenBusIo.Type =3D AsciiStrDup (Type); Private->XenBusIo.Node =3D AsciiStrDup (DevicePath); - Private->XenBusIo.Backend =3D BackendPath; + Private->XenBusIo.Backend =3D AsciiStrDup (BackendPath); Private->XenBusIo.DeviceId =3D (UINT16)AsciiStrDecimalToUintn (Id); Private->Dev =3D Dev; =20 @@ -309,17 +312,20 @@ XenBusSetState ( ) { enum xenbus_state CurrentState; - XENSTORE_STATUS Status; - CHAR8 *Temp; + XENSTORE_STATUS Status; + CHAR8 Buffer[4]; + UINTN BufferSize; + + BufferSize =3D sizeof (Buffer) - 1; =20 DEBUG ((EFI_D_INFO, "XenBus: Set state to %d\n", NewState)); =20 - Status =3D XenStoreRead (Transaction, This->Node, "state", NULL, (VOID *= *)&Temp); + Status =3D XenStoreRead (Transaction, This->Node, "state", &BufferSize, = Buffer); if (Status !=3D XENSTORE_STATUS_SUCCESS) { goto Out; } - CurrentState =3D AsciiStrDecimalToUintn (Temp); - FreePool (Temp); + Buffer[BufferSize] =3D '\0'; + CurrentState =3D AsciiStrDecimalToUintn (Buffer); if (CurrentState =3D=3D NewState) { goto Out; } diff --git a/OvmfPkg/XenBusDxe/XenStore.c b/OvmfPkg/XenBusDxe/XenStore.c index 004d3b6022..b9588bb8c6 100644 --- a/OvmfPkg/XenBusDxe/XenStore.c +++ b/OvmfPkg/XenBusDxe/XenStore.c @@ -756,8 +756,9 @@ XenStoreGetError ( @param RequestType The type of message to send. @param WriteRequest Pointers to the body sections of the request. @param NumRequests The number of body sections in the request. - @param LenPtr The returned length of the reply. - @param ResultPtr The returned body of the reply. + @param BufferSize IN: size of the buffer + OUT: The returned length of the reply. + @param Buffer The returned body of the reply. =20 @return XENSTORE_STATUS_SUCCESS on success. Otherwise an errno indicat= ing the cause of failure. @@ -769,15 +770,13 @@ XenStoreTalkv ( IN enum xsd_sockmsg_type RequestType, IN CONST WRITE_REQUEST *WriteRequest, IN UINT32 NumRequests, - OUT UINT32 *LenPtr OPTIONAL, - OUT VOID **ResultPtr OPTIONAL + IN OUT UINTN *BufferSize OPTIONAL, + OUT VOID *Buffer OPTIONAL ) { struct xsd_sockmsg Message; UINTN Index; XENSTORE_STATUS Status; - VOID *Buffer; - UINTN BufferSize; =20 if (Transaction =3D=3D XST_NIL) { Message.tx_id =3D 0; @@ -805,32 +804,15 @@ XenStoreTalkv ( } } =20 - if (ResultPtr) { - Buffer =3D AllocatePool (XENSTORE_PAYLOAD_MAX + 1); - BufferSize =3D XENSTORE_PAYLOAD_MAX; - } else { - Buffer =3D NULL; - BufferSize =3D 0; - } - // // Wait for a reply to our request // Status =3D XenStoreProcessMessage (Message.req_id, Message.tx_id, - &BufferSize, Buffer); + BufferSize, Buffer); =20 if (Status !=3D XENSTORE_STATUS_SUCCESS) { DEBUG ((DEBUG_ERROR, "XenStore, error while reading the ring (%d).\n", Status)); - FreePool (Buffer); - return Status; - } - - if (ResultPtr) { - *ResultPtr =3D Buffer; - if (LenPtr) { - *LenPtr =3D BufferSize; - } } =20 Error: @@ -848,8 +830,9 @@ XenStoreTalkv ( @param RequestType The type of message to send. @param Body The body of the request. @param SubPath If !NULL and not "", "/$SubPath" is append to Body. - @param LenPtr The returned length of the reply. - @param Result The returned body of the reply. + @param BufferSize IN: sizef of the buffer + OUT: The returned length of the reply. + @param Buffer The returned body of the reply. =20 @return 0 on success. Otherwise an errno indicating the cause of failure. @@ -861,8 +844,8 @@ XenStoreSingle ( IN enum xsd_sockmsg_type RequestType, IN CONST CHAR8 *Body, IN CONST CHAR8 *SubPath OPTIONAL, - OUT UINT32 *LenPtr OPTIONAL, - OUT VOID **Result OPTIONAL + IN OUT UINTN *BufferSize OPTIONAL, + OUT VOID *Buffer OPTIONAL ) { WRITE_REQUEST WriteRequest[3]; @@ -870,7 +853,7 @@ XenStoreSingle ( XenStorePrepareWriteRequest (WriteRequest, Body, SubPath); =20 return XenStoreTalkv (Transaction, RequestType, WriteRequest, 3, - LenPtr, Result); + BufferSize, Buffer); } =20 // @@ -1106,13 +1089,16 @@ XenStoreListDirectory ( OUT CONST CHAR8 ***DirectoryListPtr ) { - CHAR8 *TempStr; - UINT32 Len =3D 0; + CHAR8 *TempStr; + UINTN Len; XENSTORE_STATUS Status; =20 + TempStr =3D AllocatePool (XENSTORE_PAYLOAD_MAX); + Len =3D XENSTORE_PAYLOAD_MAX; Status =3D XenStoreSingle (Transaction, XS_DIRECTORY, DirectoryPath, Nod= e, &Len, - (VOID **) &TempStr); + TempStr); if (Status !=3D XENSTORE_STATUS_SUCCESS) { + FreePool (TempStr); return Status; } =20 @@ -1146,21 +1132,14 @@ XenStoreRead ( IN CONST XENSTORE_TRANSACTION *Transaction, IN CONST CHAR8 *DirectoryPath, IN CONST CHAR8 *Node, - OUT UINT32 *LenPtr OPTIONAL, - OUT VOID **Result + IN OUT UINTN *BufferSize, + OUT VOID *Buffer ) { - VOID *Value; - XENSTORE_STATUS Status; - - Status =3D XenStoreSingle (Transaction, XS_READ, DirectoryPath, Node, - LenPtr, &Value); - if (Status !=3D XENSTORE_STATUS_SUCCESS) { - return Status; - } - - *Result =3D Value; - return XENSTORE_STATUS_SUCCESS; + ASSERT (BufferSize !=3D NULL); + ASSERT (Buffer !=3D NULL); + return XenStoreSingle (Transaction, XS_READ, DirectoryPath, Node, + BufferSize, Buffer); } =20 XENSTORE_STATUS @@ -1199,14 +1178,16 @@ XenStoreTransactionStart ( OUT XENSTORE_TRANSACTION *Transaction ) { - CHAR8 *IdStr; + CHAR8 IdStr[XENSTORE_PAYLOAD_MAX]; + UINTN BufferSize; XENSTORE_STATUS Status; =20 + BufferSize =3D sizeof (IdStr); + Status =3D XenStoreSingle (XST_NIL, XS_TRANSACTION_START, "", NULL, - NULL, (VOID **) &IdStr); + &BufferSize, IdStr); if (Status =3D=3D XENSTORE_STATUS_SUCCESS) { Transaction->Id =3D (UINT32)AsciiStrDecimalToUintn (IdStr); - FreePool (IdStr); } =20 return Status; @@ -1358,7 +1339,24 @@ XenBusXenStoreRead ( OUT VOID **Value ) { - return XenStoreRead (Transaction, This->Node, Node, NULL, Value); + XENSTORE_STATUS Status; + UINTN BufferSize; + VOID *Buffer; + + BufferSize =3D XENSTORE_PAYLOAD_MAX + 1; + Buffer =3D AllocatePool (BufferSize); + if (Buffer =3D=3D NULL) { + return XENSTORE_STATUS_ENOMEM; + } + + Status =3D XenStoreRead (Transaction, This->Node, Node, &BufferSize, Buf= fer); + + if (Status =3D=3D XENSTORE_STATUS_SUCCESS) { + *Value =3D Buffer; + } else { + FreePool (Buffer); + } + return Status; } =20 XENSTORE_STATUS @@ -1370,7 +1368,24 @@ XenBusXenStoreBackendRead ( OUT VOID **Value ) { - return XenStoreRead (Transaction, This->Backend, Node, NULL, Value); + XENSTORE_STATUS Status; + UINTN BufferSize; + VOID *Buffer; + + BufferSize =3D XENSTORE_PAYLOAD_MAX + 1; + Buffer =3D AllocatePool (BufferSize); + if (Buffer =3D=3D NULL) { + return XENSTORE_STATUS_ENOMEM; + } + + Status =3D XenStoreRead (Transaction, This->Backend, Node, &BufferSize, = Buffer); + + if (Status =3D=3D XENSTORE_STATUS_SUCCESS) { + *Value =3D Buffer; + } else { + FreePool (Buffer); + } + return Status; } =20 XENSTORE_STATUS diff --git a/OvmfPkg/XenBusDxe/XenStore.h b/OvmfPkg/XenBusDxe/XenStore.h index effaad7336..13f7d132e6 100644 --- a/OvmfPkg/XenBusDxe/XenStore.h +++ b/OvmfPkg/XenBusDxe/XenStore.h @@ -64,29 +64,26 @@ XenStorePathExists ( ); =20 /** - Get the contents of a single "file". Returns the contents in *Result wh= ich - should be freed after use. The length of the value in bytes is returned= in - *LenPtr. + Get the contents of a single "file". Copy the contents in Buffer if + provided. The length of the value in bytes is returned in *BufferSize. =20 @param Transaction The XenStore transaction covering this request. @param DirectoryPath The dirname of the file to read. @param Node The basename of the file to read. - @param LenPtr The amount of data read. - @param Result The returned contents from this file. + @param BufferSize IN: size of the buffer + OUT: The returned length of the reply. + @param Buffer The returned body of the reply. =20 @return On success, XENSTORE_STATUS_SUCCESS. Otherwise an errno value indicating the type of failure. - - @note The results buffer is malloced and should be free'd by the - caller. **/ XENSTORE_STATUS XenStoreRead ( IN CONST XENSTORE_TRANSACTION *Transaction, IN CONST CHAR8 *DirectoryPath, IN CONST CHAR8 *Node, - OUT UINT32 *LenPtr OPTIONAL, - OUT VOID **Result + IN OUT UINTN *BufferSize, + OUT VOID *Buffer ); =20 /** --=20 Anthony PERARD -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#47213): https://edk2.groups.io/g/devel/message/47213 Mute This Topic: https://groups.io/mt/34128014/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-