From owner-svn-src-all@freebsd.org Wed Nov 21 01:32:29 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 87A3311455AF; Wed, 21 Nov 2018 01:32:29 +0000 (UTC) (envelope-from araujobsdport@gmail.com) Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AF8A28EAEB; Wed, 21 Nov 2018 01:32:28 +0000 (UTC) (envelope-from araujobsdport@gmail.com) Received: by mail-lj1-x230.google.com with SMTP id g11-v6so3375235ljk.3; Tue, 20 Nov 2018 17:32:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:reply-to:from:date:message-id :subject:to:cc; bh=HHh1xudadHax7t48qsANHkBnb/KZepv3jiYEmofvgHw=; b=gwMHu1EzlosZHLoLaReYEP4OEXoM501vcQr9Vy5t4Y2kP21ITeoLIqPvRX2cP6E3Gm qqE3638oY38Bx4AJt8d3xfU0xSStDJd19/eGW1QKqQPiYlHOhb7B8mkhaso8iINT88jL hoEgqRHlvM0Dx+Lfacmp7gFjKSNvqmSW0hhOTr7hEqPdT2HVPcOYdJVPEz3PH8xQI+Eq er3VGwXM+VOlprQi1S5bnQlISGTeqaU6lyM4whSgXDzJlrze5MWgDaMRNxVz3cSoIAQW 59MqsihaiMW4IzeUVtiZSf6nlV8asBgmH3Oyqov4u2tIaozihPnJ8V9vfYy0pATEm25b gv1Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=HHh1xudadHax7t48qsANHkBnb/KZepv3jiYEmofvgHw=; b=hHwUSks6AryYYPK8F2RJej0SjicuBnEwSCBgORqOztRxn4wIYxDHwR5hMD/0DvbirQ pH28147+BLQsAcuJHllAivhG1BSbURDb8lUpnrLp5FgseDYIxZ0UCJcCPdrnYz46snzZ y8TqXNIbS9COkPiMzyFYDqESF3nNwFYLPO5NuCJsfG6H/Jky253kxvV5hWZOwmf+qE0Z EYifHGNGQv9gJ46pXDYduoqzAsT+7Ob1iPJJ4EcXCU1jPV1QGxUAQYW5ZtZxxwbv0MMd KjYuQBUhk28uN8dAtwk7noiLZ4Rs0k3sT8ut5ECP+PtqmOm3Nj7Vc5YlNOCJCn8h4TtG leMg== X-Gm-Message-State: AA+aEWbjVzVeB3e3mp3dIz9ZA8lA1Iw8JMKSdB2Ik6+8nS1i2U57y8iV 5VjsLkzhs6w+i6jjx3h7oqAs6oTUSVS5fMn1sgg= X-Google-Smtp-Source: AFSGD/Wpk1ypK/7xLfA2SgStGQsaryB+Z6tihLB9j9gBf/0N79C7I+JLuMXeCi0+5dgiTCQSsrtY2hEiBvhpNCPsM+M= X-Received: by 2002:a2e:5418:: with SMTP id i24-v6mr2823184ljb.51.1542763946834; Tue, 20 Nov 2018 17:32:26 -0800 (PST) MIME-Version: 1.0 References: <201811202221.wAKMLJ3W068166@repo.freebsd.org> <20181121002254.efitgf45bzajh5sj@mutt-hbsd> In-Reply-To: <20181121002254.efitgf45bzajh5sj@mutt-hbsd> Reply-To: araujo@freebsd.org From: Marcelo Araujo Date: Wed, 21 Nov 2018 09:32:14 +0800 Message-ID: Subject: Re: svn commit: r340707 - head/usr.sbin/bhyve To: Shawn Webb Cc: Marcelo Araujo , src-committers , svn-src-all@freebsd.org, svn-src-head@freebsd.org X-Rspamd-Queue-Id: AF8A28EAEB X-Spamd-Result: default: False [-3.63 / 15.00]; ARC_NA(0.00)[]; HAS_REPLYTO(0.00)[araujo@freebsd.org]; R_DKIM_ALLOW(-0.20)[gmail.com]; NEURAL_HAM_MEDIUM(-1.00)[-0.995,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; REPLYTO_DOM_NEQ_FROM_DOM(0.00)[]; NEURAL_HAM_LONG(-0.99)[-0.993,0]; URI_COUNT_ODD(1.00)[7]; RCPT_COUNT_FIVE(0.00)[5]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[0.3.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-0.65)[ipnet: 2a00:1450::/32(-1.58), asn: 15169(-1.58), country: US(-0.09)]; NEURAL_HAM_SHORT(-0.98)[-0.978,0]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_COUNT_TWO(0.00)[2] X-Rspamd-Server: mx1.freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 01:32:29 -0000 Em qua, 21 de nov de 2018 =C3=A0s 08:23, Shawn Webb escreveu: > On Tue, Nov 20, 2018 at 10:21:19PM +0000, Marcelo Araujo wrote: > > Author: araujo > > Date: Tue Nov 20 22:21:19 2018 > > New Revision: 340707 > > URL: https://svnweb.freebsd.org/changeset/base/340707 > > > > Log: > > Define AHCI_PORT_IDENT and increase by 1 the VTBLK_BLK_ID_BYTES > > to avoid buffer accessed out of bounds, also switch to snprintf(3). > > > > PR: 200859 > > Submitted by: Caglar > > Obtained from: https://github.com/mist64/xhyve/pull/24 > > MFC after: 4 weeks > > Sponsored by: iXsystems Inc. > > > > Modified: > > head/usr.sbin/bhyve/pci_ahci.c > > head/usr.sbin/bhyve/pci_virtio_block.c > > > > Modified: head/usr.sbin/bhyve/pci_ahci.c > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > > --- head/usr.sbin/bhyve/pci_ahci.c Tue Nov 20 22:12:10 2018 > (r340706) > > +++ head/usr.sbin/bhyve/pci_ahci.c Tue Nov 20 22:21:19 2018 > (r340707) > > @@ -105,7 +105,7 @@ enum sata_fis_type { > > * ATA commands > > */ > > #define ATA_SF_ENAB_SATA_SF 0x10 > > -#define ATA_SATA_SF_AN 0x05 > > +#define ATA_SATA_SF_AN 0x05 > > #define ATA_SF_DIS_SATA_SF 0x90 > > > > /* > > @@ -119,6 +119,8 @@ static FILE *dbg; > > #endif > > #define WPRINTF(format, arg...) printf(format, ##arg) > > > > +#define AHCI_PORT_IDENT 20 + 1 > > + > > struct ahci_ioreq { > > struct blockif_req io_req; > > struct ahci_port *io_pr; > > @@ -136,7 +138,7 @@ struct ahci_port { > > struct pci_ahci_softc *pr_sc; > > uint8_t *cmd_lst; > > uint8_t *rfis; > > - char ident[20 + 1]; > > + char ident[AHCI_PORT_IDENT]; > > int port; > > int atapi; > > int reset; > > @@ -2374,7 +2376,8 @@ pci_ahci_init(struct vmctx *ctx, struct > pci_devinst *p > > MD5Init(&mdctx); > > MD5Update(&mdctx, opts, strlen(opts)); > > MD5Final(digest, &mdctx); > > - sprintf(sc->port[p].ident, > "BHYVE-%02X%02X-%02X%02X-%02X%02X", > > + snprintf(sc->port[p].ident, AHCI_PORT_IDENT, > > + "BHYVE-%02X%02X-%02X%02X-%02X%02X", > > digest[0], digest[1], digest[2], digest[3], digest[4]= , > > digest[5]); > > > > > > Modified: head/usr.sbin/bhyve/pci_virtio_block.c > > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > > --- head/usr.sbin/bhyve/pci_virtio_block.c Tue Nov 20 22:12:10 2018 > (r340706) > > +++ head/usr.sbin/bhyve/pci_virtio_block.c Tue Nov 20 22:21:19 2018 > (r340707) > > @@ -61,7 +61,7 @@ __FBSDID("$FreeBSD$"); > > #define VTBLK_S_IOERR 1 > > #define VTBLK_S_UNSUPP 2 > > > > -#define VTBLK_BLK_ID_BYTES 20 > > +#define VTBLK_BLK_ID_BYTES 20 + 1 > > > > /* Capability bits */ > > #define VTBLK_F_SEG_MAX (1 << 2) /* Maximum reques= t > segments */ > > @@ -344,7 +344,8 @@ pci_vtblk_init(struct vmctx *ctx, struct pci_devins= t > * > > MD5Init(&mdctx); > > MD5Update(&mdctx, opts, strlen(opts)); > > MD5Final(digest, &mdctx); > > - sprintf(sc->vbsc_ident, "BHYVE-%02X%02X-%02X%02X-%02X%02X", > > + snprintf(sc->vbsc_ident, VTBLK_BLK_ID_BYTES, > > + "BHYVE-%02X%02X-%02X%02X-%02X%02X", > > digest[0], digest[1], digest[2], digest[3], digest[4], > digest[5]); > > > > /* setup virtio block config space */ > > Hey Marcelo, > > Thanks for committing this. Could VTBLK_BLK_ID_BYTES and > AHCI_PORT_IDENT be merged into the same macro, defined in > usr.sbin/bhyve/pci_emul.h? Especially since both equate to the same > value. > The macro could be merged, but it is safer to have it in this way, in case something changes specifically for one of the drivers. I don't think pci_emul.h would be the right place for that, this file is in charge of PCI emulation functions and it is pretty much generic among the other drivers. Best. > > Thanks, > > -- > Shawn Webb > Cofounder and Security Engineer > HardenedBSD > > Tor-ified Signal: +1 443-546-8752 > Tor+XMPP+OTR: lattera@is.a.hacker.sx > GPG Key ID: 0x6A84658F52456EEE > GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE > --=20 --=20 Marcelo Araujo (__)araujo@FreeBSD.org \\\'',)http://www.FreeBSD.org \/ \ ^ Power To Server. .\. /_)