[PATCH 1/2] gnttab: fully ignore zero-size copy requests

Jan Beulich posted 2 patches 8 months, 2 weeks ago
There is a newer version of this series
Posted by Jan Beulich 8 months, 2 weeks ago
Along the line with observations in the context of XSA-448, no field in
struct gnttab_copy_ptr is relevant when no data is to be copied, much
like e.g. the pointers passed to memcpy() are irrelevant (and would
never be "validated") when the passed length is zero.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -3061,6 +3061,9 @@ static int gnttab_copy_one(const struct
 {
     int rc;
 
+    if ( unlikely(!op->len) )
+        return GNTST_okay;
+
     if ( !src->domain || op->source.domid != src->ptr.domid ||
          !dest->domain || op->dest.domid != dest->ptr.domid )
     {
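Review bot: The new `if ( unlikely(!op->len) )` early return sits ahead of the `src->domain` / `dest->domain` and domid consistency checks, so a zero-length request whose source or destination would have failed those checks now gets `GNTST_okay` where it previously took the error path in the block below. That is a guest-visible status change for malformed zero-length ops. The commit message gives the rationale, but the code carries none. Please add a short comment above the check saying that no field of the source or destination is examined when `op->len` is zero, and that this is intentional, so that a later reader does not "fix" the ordering by moving the check below the validation. It would also help to state in the commit message that callers can no longer use a zero-length copy to probe whether a domid or reference is valid, since that is the practical effect of returning before the checks.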
Re: [PATCH 1/2] gnttab: fully ignore zero-size copy requests
Posted by Julien Grall 8 months ago
Hi Jan,

On 05/02/2024 11:03, Jan Beulich wrote:
> Along the line with observations in the context of XSA-448, no field in
> struct gnttab_copy_ptr is relevant when no data is to be copied, much
> like e.g. the pointers passed to memcpy() are irrelevant (and would
> never be "validated") when the passed length is zero.
> 
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Reviewed-by: Julien Grall <jgrall@amazon.com>

Cheers,

-- 
Julien Grall