On 17.05.21 16:01, Jan Beulich wrote:
On 13.05.2021 12:02, Juergen Gross wrote:In order to avoid a malicious backend being able to influence the local copy of a request build the request locally first and then copy it to the ring page instead of doing it the other way round as today.Signed-off-by: Juergen Gross <jgr...@suse.com>Reviewed-by: Jan Beulich <jbeul...@suse.com> with one remark/question:@@ -703,6 +704,7 @@ static int blkif_queue_rw_req(struct request *req,
struct blkfront_ring_info *ri
{ struct blkfront_info *info = rinfo->dev_info; struct blkif_request *ring_req, *extra_ring_req = NULL; + struct blkif_request *final_ring_req, *final_extra_ring_req;Without setting final_extra_ring_req to NULL just like is done for extra_ring_req, ...@@ -840,10 +845,10 @@ static int blkif_queue_rw_req(struct request *req, struct blkfront_ring_info *ri if (setup.segments) kunmap_atomic(setup.segments);- /* Keep a private copy so we can reissue requests when recovering. */- rinfo->shadow[id].req = *ring_req; + /* Copy request(s) to the ring page. */ + *final_ring_req = *ring_req; if (unlikely(require_extra_req)) - rinfo->shadow[extra_id].req = *extra_ring_req; + *final_extra_ring_req = *extra_ring_req;... are you sure all supported compilers will recognize the conditional use and not warn about use of a possibly uninitialized variable?
Hmm, probably better safe than sorry. Will change it. Juergen
OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
