On 29.10.20 15:58, Jan Beulich wrote:
On 26.10.2020 10:13, Juergen Gross wrote:@@ -1088,13 +1098,58 @@ static int cpupool_gran_read(const struct hypfs_entry *entry, return copy_to_guest(uaddr, name, strlen(name) + 1) ? -EFAULT : 0; }+static int cpupool_gran_write(struct hypfs_entry_leaf *leaf,+ XEN_GUEST_HANDLE_PARAM(void) uaddr, + unsigned int ulen) +{ + const struct hypfs_dyndir_id *data; + struct cpupool *cpupool; + enum sched_gran gran; + unsigned int sched_gran; + char name[SCHED_GRAN_NAME_LEN]; + int ret = 0; + + if ( ulen > SCHED_GRAN_NAME_LEN ) + return -ENOSPC; + + if ( copy_from_guest(name, uaddr, ulen) ) + return -EFAULT; + + sched_gran = sched_gran_get(name, &gran) ? 0 + : cpupool_check_granularity(gran); + if ( memchr(name, 0, ulen) != (name + ulen - 1) || sched_gran == 0 ) + return -EINVAL;I guess the memchr() check wants to happen before the call to sched_gran_get()?
Yes. Juergen
