From nobody Fri May 3 00:07:10 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zoho.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1490768053045629.7142224909453; Tue, 28 Mar 2017 23:14:13 -0700 (PDT) Received: from localhost ([::1]:56807 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ct6rz-0004ns-Lt for importer@patchew.org; Wed, 29 Mar 2017 02:14:11 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:36993) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1ct6qu-0004De-Vy for qemu-devel@nongnu.org; Wed, 29 Mar 2017 02:13:06 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1ct6qq-00043W-V2 for qemu-devel@nongnu.org; Wed, 29 Mar 2017 02:13:04 -0400 Received: from mx1.redhat.com ([209.132.183.28]:54676) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1ct6qq-00043O-Mw for qemu-devel@nongnu.org; Wed, 29 Mar 2017 02:13:00 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C244E64D90; Wed, 29 Mar 2017 06:12:59 +0000 (UTC) Received: from jason-ThinkPad-T450s.redhat.com (vpn1-7-133.pek2.redhat.com [10.72.7.133]) by smtp.corp.redhat.com (Postfix) with ESMTP id D12CA933F6; Wed, 29 Mar 2017 06:12:53 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com C244E64D90 Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=jasowang@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com C244E64D90 From: Jason Wang To: pbonzini@redhat.com, crosthwaite.peter@gmail.com, rth@twiddle.net, mst@redhat.com, qemu-devel@nongnu.org Date: Wed, 29 Mar 2017 14:12:50 +0800 Message-Id: <1490767970-23689-1-git-send-email-jasowang@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Wed, 29 Mar 2017 06:12:59 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH] exec: don't return int64_t in address_space_cache_init() X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Cornelia Huck , Jason Wang Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" We return int64_t as the length of region cache but accept hwaddr as the required length. This is wrong and may confuse the caller since the it can lead comparison between signed and unsigned types. The caller can not catch the failure in this case. Fixing this by returning hwaddr and return zero on failure. Fixes: 5eba0404b9829 ("virtio: use MemoryRegionCache to access descriptors") Fixes: e45da65322386 ("virtio: validate address space cache during init") Cc: Cornelia Huck Cc: Paolo Bonzini Signed-off-by: Jason Wang --- exec.c | 12 ++++++------ hw/virtio/virtio.c | 7 +++---- include/exec/memory.h | 13 ++++++------- 3 files changed, 15 insertions(+), 17 deletions(-) diff --git a/exec.c b/exec.c index e57a8a2..9b71174 100644 --- a/exec.c +++ b/exec.c @@ -3230,11 +3230,11 @@ void cpu_physical_memory_unmap(void *buffer, hwaddr= len, #define RCU_READ_UNLOCK(...) rcu_read_unlock() #include "memory_ldst.inc.c" =20 -int64_t address_space_cache_init(MemoryRegionCache *cache, - AddressSpace *as, - hwaddr addr, - hwaddr len, - bool is_write) +hwaddr address_space_cache_init(MemoryRegionCache *cache, + AddressSpace *as, + hwaddr addr, + hwaddr len, + bool is_write) { hwaddr l, xlat; MemoryRegion *mr; @@ -3245,7 +3245,7 @@ int64_t address_space_cache_init(MemoryRegionCache *c= ache, l =3D len; mr =3D address_space_translate(as, addr, &xlat, &l, is_write); if (!memory_access_is_direct(mr, is_write)) { - return -EINVAL; + return 0; } =20 l =3D address_space_extend_translation(as, addr, len, mr, xlat, l, is_= write); diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c index 03592c5..3482be2 100644 --- a/hw/virtio/virtio.c +++ b/hw/virtio/virtio.c @@ -129,9 +129,8 @@ static void virtio_init_region_cache(VirtIODevice *vdev= , int n) VirtQueue *vq =3D &vdev->vq[n]; VRingMemoryRegionCaches *old =3D vq->vring.caches; VRingMemoryRegionCaches *new; - hwaddr addr, size; + hwaddr addr, size, len; int event_size; - int64_t len; =20 event_size =3D virtio_vdev_has_feature(vq->vdev, VIRTIO_RING_F_EVENT_I= DX) ? 2 : 0; =20 @@ -586,7 +585,7 @@ void virtqueue_get_avail_bytes(VirtQueue *vq, unsigned = int *in_bytes, unsigned int total_bufs, in_total, out_total; VRingMemoryRegionCaches *caches; MemoryRegionCache indirect_desc_cache =3D MEMORY_REGION_CACHE_INVALID; - int64_t len =3D 0; + hwaddr len =3D 0; int rc; =20 if (unlikely(!vq->vring.desc)) { @@ -831,7 +830,7 @@ void *virtqueue_pop(VirtQueue *vq, size_t sz) VRingMemoryRegionCaches *caches; MemoryRegionCache indirect_desc_cache =3D MEMORY_REGION_CACHE_INVALID; MemoryRegionCache *desc_cache; - int64_t len; + hwaddr len; VirtIODevice *vdev =3D vq->vdev; VirtQueueElement *elem =3D NULL; unsigned out_num, in_num; diff --git a/include/exec/memory.h b/include/exec/memory.h index e39256a..932dd00 100644 --- a/include/exec/memory.h +++ b/include/exec/memory.h @@ -1444,8 +1444,7 @@ struct MemoryRegionCache { * @is_write: indicates the transfer direction * * Will only work with RAM, and may map a subset of the requested range by - * returning a value that is less than @len. On failure, return a negative - * errno value. + * returning a value that is less than @len. On failure, return zero. * * Because it only works with RAM, this function can be used for * read-modify-write operations. In this case, is_write should be %true. @@ -1453,11 +1452,11 @@ struct MemoryRegionCache { * Note that addresses passed to the address_space_*_cached functions * are relative to @addr. */ -int64_t address_space_cache_init(MemoryRegionCache *cache, - AddressSpace *as, - hwaddr addr, - hwaddr len, - bool is_write); +hwaddr address_space_cache_init(MemoryRegionCache *cache, + AddressSpace *as, + hwaddr addr, + hwaddr len, + bool is_write); =20 /** * address_space_cache_invalidate: complete a write to a #MemoryRegionCache --=20 2.7.4