Re: [Qemu-ppc] [PATCH qemu v7] memory/iommu: QOM'fy IOMMU MemoryRegion


From: Paolo Bonzini
Subject: Re: [Qemu-ppc] [PATCH qemu v7] memory/iommu: QOM'fy IOMMU MemoryRegion
Date: Thu, 8 Jun 2017 16:40:05 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.1.0


On 08/06/2017 16:28, Alexey Kardashevskiy wrote:
>>> +void memory_region_init_iommu_type(const char *mrtypename,
>>> +                                   IOMMUMemoryRegion *iommu_mr,
>>> +                                   Object *owner,
>>> +                                   const MemoryRegionIOMMUOps *ops,
>>> +                                   const char *name,
>>> +                                   uint64_t size)
>>>  {
>>> -    memory_region_init(mr, owner, name, size);
>>> -    mr->iommu_ops = ops,
>>> +    struct MemoryRegion *mr;
>>> +    size_t instance_size = object_type_get_instance_size(mrtypename);
>>> +
>>> +    object_initialize(iommu_mr, instance_size, mrtypename);
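Review bot: the size passed to object_initialize() in this hunk is looked up from the type (object_type_get_instance_size(mrtypename)) rather than taken from the caller, so the check that the destination buffer is large enough for the type can never fail here; a caller that placed a plain IOMMUMemoryRegion where a larger derived type is being initialized would not be caught. Suggest giving memory_region_init_iommu_type() an explicit size argument that callers fill with sizeof(*iommu_mr) and forwarding that to object_initialize(), so the existing size check keeps its meaning. Also, `struct MemoryRegion *mr;` is declared in the visible lines but not used within them; if it is only assigned further down the function, a brief comment or moving the declaration next to its first use would make the hunk easier to read.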
>> This looks exceedingly dangerous.  AIUI, the entire purpose of the
>> size parameter to object_initialize() (which can certainly get the
>> instance size from the type, just as you do) is to verify that the
>> buffer you're initializing actually has space for the object type
>> you're putting there.
>>
>> By looking up the instance size yourself and passing it to
>> object_initialize(), you're disabling that check.
>>
>> If someone allocates an array of plain IOMMUMemoryRegion structures,
>> then uses this to initialize a derived IOMMU MR type with more fields,
>> the user will get no warning that something is wrong before the memory
>> corruption starts.
> Hm. How can I fix it then for a generic case? Pass the actual amount of
> bytes occupied by *iommu_mr?

Yes, like object_initialize.

Paolo