diff mbox

[v5,29/33] nvdimm acpi: support Get Namespace Label Data function

Message ID 1446071191-62591-30-git-send-email-guangrong.xiao@linux.intel.com (mailing list archive)
State New, archived
Headers show

Commit Message

Xiao Guangrong Oct. 28, 2015, 10:26 p.m. UTC 
Function 5 is used to get Namespace Label Data

Signed-off-by: Xiao Guangrong <guangrong.xiao@linux.intel.com>
---
 hw/acpi/nvdimm.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

Comments

Stefan Hajnoczi Oct. 28, 2015, 4:46 p.m. UTC | #1 
On Wed, Oct 28, 2015 at 10:26:27PM +0000, Xiao Guangrong wrote:
> +static void nvdimm_dsm_func_get_label_data(NVDIMMDevice *nvdimm,
> +                                           nvdimm_dsm_in *in, GArray *out)
> +{
> +    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
> +    nvdimm_func_in_get_label_data *get_label_data = &in->func_get_label_data;
> +    void *buf;
> +    uint32_t status = NVDIMM_DSM_STATUS_SUCCESS;
> +
> +    le32_to_cpus(&get_label_data->offset);
> +    le32_to_cpus(&get_label_data->length);
> +
> +    nvdimm_debug("Read Label Data: offset %#x length %#x.\n",
> +                 get_label_data->offset, get_label_data->length);
> +
> +    if (nvdimm->label_size < get_label_data->offset + get_label_data->length) {

Integer overflow isn't handled here and it's unclear if that can cause
problems later on.  It's safest to catch it right away instead of
relying on nvc->read_label_data() to check again.
Xiao Guangrong Oct. 29, 2015, 2:25 a.m. UTC | #2 
On 10/29/2015 12:46 AM, Stefan Hajnoczi wrote:
> On Wed, Oct 28, 2015 at 10:26:27PM +0000, Xiao Guangrong wrote:
>> +static void nvdimm_dsm_func_get_label_data(NVDIMMDevice *nvdimm,
>> +                                           nvdimm_dsm_in *in, GArray *out)
>> +{
>> +    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
>> +    nvdimm_func_in_get_label_data *get_label_data = &in->func_get_label_data;
>> +    void *buf;
>> +    uint32_t status = NVDIMM_DSM_STATUS_SUCCESS;
>> +
>> +    le32_to_cpus(&get_label_data->offset);
>> +    le32_to_cpus(&get_label_data->length);
>> +
>> +    nvdimm_debug("Read Label Data: offset %#x length %#x.\n",
>> +                 get_label_data->offset, get_label_data->length);
>> +
>> +    if (nvdimm->label_size < get_label_data->offset + get_label_data->length) {
>
> Integer overflow isn't handled here and it's unclear if that can cause
> problems later on.  It's safest to catch it right away instead of
> relying on nvc->read_label_data() to check again.
>

Good catch, Stefan! I will fix it by adding a additional check:

if (get_label_data->offset + get_label_data->length > get_label_data->offset) {
	nvdimm_debug("offset ?#x + length %#x overflowed.\n");
	status = NVDIMM_DSM_DEV_STATUS_INVALID_PARAS;
	goto exit;
}

--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Xiao Guangrong Oct. 29, 2015, 2:58 a.m. UTC | #3 
On 10/29/2015 10:25 AM, Xiao Guangrong wrote:
>
>
> On 10/29/2015 12:46 AM, Stefan Hajnoczi wrote:
>> On Wed, Oct 28, 2015 at 10:26:27PM +0000, Xiao Guangrong wrote:
>>> +static void nvdimm_dsm_func_get_label_data(NVDIMMDevice *nvdimm,
>>> +                                           nvdimm_dsm_in *in, GArray *out)
>>> +{
>>> +    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
>>> +    nvdimm_func_in_get_label_data *get_label_data = &in->func_get_label_data;
>>> +    void *buf;
>>> +    uint32_t status = NVDIMM_DSM_STATUS_SUCCESS;
>>> +
>>> +    le32_to_cpus(&get_label_data->offset);
>>> +    le32_to_cpus(&get_label_data->length);
>>> +
>>> +    nvdimm_debug("Read Label Data: offset %#x length %#x.\n",
>>> +                 get_label_data->offset, get_label_data->length);
>>> +
>>> +    if (nvdimm->label_size < get_label_data->offset + get_label_data->length) {
>>
>> Integer overflow isn't handled here and it's unclear if that can cause
>> problems later on.  It's safest to catch it right away instead of
>> relying on nvc->read_label_data() to check again.
>>
>
> Good catch, Stefan! I will fix it by adding a additional check:
>
> if (get_label_data->offset + get_label_data->length > get_label_data->offset) {
                                                       <
Sorry for the typo.


--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/hw/acpi/nvdimm.c b/hw/acpi/nvdimm.c
index 72203d2..5b621ed 100644
--- a/hw/acpi/nvdimm.c
+++ b/hw/acpi/nvdimm.c
@@ -428,6 +428,7 @@  struct nvdimm_dsm_in {
     union {
         uint8_t arg3[0];
         nvdimm_func_in_set_label_data func_set_label_data;
+        nvdimm_func_in_get_label_data func_get_label_data;
     };
 } QEMU_PACKED;
 typedef struct nvdimm_dsm_in nvdimm_dsm_in;
@@ -527,6 +528,50 @@  static void nvdimm_dsm_func_label_size(NVDIMMDevice *nvdimm, GArray *out)
     g_array_append_vals(out, &func_label_size, sizeof(func_label_size));
 }
 
+/*
+ * DSM Spec Rev1 4.5 Get Namespace Label Data (Function Index 5).
+ */
+static void nvdimm_dsm_func_get_label_data(NVDIMMDevice *nvdimm,
+                                           nvdimm_dsm_in *in, GArray *out)
+{
+    NVDIMMClass *nvc = NVDIMM_GET_CLASS(nvdimm);
+    nvdimm_func_in_get_label_data *get_label_data = &in->func_get_label_data;
+    void *buf;
+    uint32_t status = NVDIMM_DSM_STATUS_SUCCESS;
+
+    le32_to_cpus(&get_label_data->offset);
+    le32_to_cpus(&get_label_data->length);
+
+    nvdimm_debug("Read Label Data: offset %#x length %#x.\n",
+                 get_label_data->offset, get_label_data->length);
+
+    if (nvdimm->label_size < get_label_data->offset + get_label_data->length) {
+        nvdimm_debug("position %#x is beyond label data (len = %#lx).\n",
+                     get_label_data->offset + get_label_data->length,
+                     nvdimm->label_size);
+        status = NVDIMM_DSM_DEV_STATUS_INVALID_PARAS;
+        goto exit;
+    }
+
+    if (get_label_data->length > nvdimm_get_max_xfer_label_size()) {
+        nvdimm_debug("get length (%#x) is larger than max_xfer (%#x).\n",
+                     get_label_data->length, nvdimm_get_max_xfer_label_size());
+        status = NVDIMM_DSM_DEV_STATUS_INVALID_PARAS;
+        goto exit;
+    }
+
+    /* write nvdimm_func_out_get_label_data.status. */
+    nvdimm_dsm_write_status(out, status);
+    /* write nvdimm_func_out_get_label_data.out_buf. */
+    buf = acpi_data_push(out, get_label_data->length);
+    nvc->read_label_data(nvdimm, buf, get_label_data->length,
+                         get_label_data->offset);
+    return;
+
+exit:
+    nvdimm_dsm_write_status(out, status);
+}
+
 static void nvdimm_dsm_device(nvdimm_dsm_in *in, GArray *out)
 {
     GSList *list = nvdimm_get_plugged_device_list();
@@ -554,6 +599,9 @@  static void nvdimm_dsm_device(nvdimm_dsm_in *in, GArray *out)
     case 0x4 /* Get Namespace Label Size */:
         nvdimm_dsm_func_label_size(nvdimm, out);
         goto free;
+    case 0x5 /* Get Namespace Label Data */:
+        nvdimm_dsm_func_get_label_data(nvdimm, in, out);
+        goto free;
     default:
         status = NVDIMM_DSM_STATUS_NOT_SUPPORTED;
     };