[PULL,03/16] net: validate that ids are well formed

Message ID	1615529786-30763-4-git-send-email-jasowang@redhat.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=YZIX=IK=nongnu.org=qemu-devel-bounces+qemu-devel=archiver.kernel.org@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9081164F85 From: Jason Wang <jasowang@redhat.com> To: peter.maydell@linaro.org Subject: [PULL 03/16] net: validate that ids are well formed Date: Fri, 12 Mar 2021 14:16:13 +0800 Message-Id: <1615529786-30763-4-git-send-email-jasowang@redhat.com> In-Reply-To: <1615529786-30763-1-git-send-email-jasowang@redhat.com> References: <1615529786-30763-1-git-send-email-jasowang@redhat.com> Content-Type: text/plain; charset="US-ASCII" Received-SPF: pass client-ip=216.205.24.124; envelope-from=jasowang@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -29 X-Spam_score: -3.0 X-Spam_bar: --- X-Spam_report: (-3.0 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.25, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Cc: Paolo Bonzini <pbonzini@redhat.com>, Jason Wang <jasowang@redhat.com>, qemu-devel@nongnu.org Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	[PULL,01/16] virtio-net: calculating proper msix vectors on init \| expand [PULL,01/16] virtio-net: calculating proper msix vectors on init [PULL,02/16] net: Fix build error when DEBUG_NET is on [PULL,03/16] net: validate that ids are well formed [PULL,04/16] net: unbreak well-form id check for "-nic" [PULL,05/16] e1000: fail early for evil descriptor [PULL,06/16] net: introduce qemu_receive_packet() [PULL,07/16] e1000: switch to use qemu_receive_packet() for loopback [PULL,08/16] dp8393x: switch to use qemu_receive_packet() for loopback packet [PULL,09/16] msf2-mac: switch to use qemu_receive_packet() for loopback [PULL,10/16] sungem: switch to use qemu_receive_packet() for loopback [PULL,11/16] tx_pkt: switch to use qemu_receive_packet_iov() for loopback [PULL,12/16] rtl8139: switch to use qemu_receive_packet() for loopback [PULL,13/16] pcnet: switch to use qemu_receive_packet() for loopback [PULL,14/16] cadence_gem: switch to use qemu_receive_packet() for loopback [PULL,15/16] lan9118: switch to use qemu_receive_packet() for loopback [PULL,16/16] pvrdma: wean code off pvrdma_ring.h kernel header

Message ID

1615529786-30763-4-git-send-email-jasowang@redhat.com (mailing list archive)

State

New, archived

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9081164F85
From: Jason Wang <jasowang@redhat.com>
To: peter.maydell@linaro.org
Subject: [PULL 03/16] net: validate that ids are well formed
Date: Fri, 12 Mar 2021 14:16:13 +0800
Message-Id: <1615529786-30763-4-git-send-email-jasowang@redhat.com>
In-Reply-To: <1615529786-30763-1-git-send-email-jasowang@redhat.com>
References: <1615529786-30763-1-git-send-email-jasowang@redhat.com>
Content-Type: text/plain; charset="US-ASCII"
Received-SPF: pass client-ip=216.205.24.124;
 envelope-from=jasowang@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -29
X-Spam_score: -3.0
X-Spam_bar: ---
X-Spam_report: (-3.0 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.25,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Cc: Paolo Bonzini <pbonzini@redhat.com>, Jason Wang <jasowang@redhat.com>,
 qemu-devel@nongnu.org
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Series

[PULL,01/16] virtio-net: calculating proper msix vectors on init | expand

Commit Message

Jason Wang March 12, 2021, 6:16 a.m. UTC

From: Paolo Bonzini <pbonzini@redhat.com>

When a network or network device is created from the command line or HMP,
QemuOpts ensures that the id passes the id_wellformed check.  However,
QMP skips this:

   $ qemu-system-x86_64 -qmp stdio -S -nic user,id=123/456
   qemu-system-x86_64: -nic user,id=123/456: Parameter id expects an identifier
   Identifiers consist of letters, digits, -, ., _, starting with a letter.

   $ qemu-system-x86_64 -qmp stdio -S
   {"execute":"qmp_capabilities"}
   {"return": {}}
   {"execute":"netdev_add", "arguments": {"type": "user", "id": "123/456"}}
   {"return": {}}

After:

   $ qemu-system-x86_64 -qmp stdio -S
   {"execute":"qmp_capabilities"}
   {"return": {}}
   {"execute":"netdev_add", "arguments": {"type": "user", "id": "123/456"}}
   {"error": {"class": "GenericError", "desc": "Parameter "id" expects an identifier"}}

Validity checks should be performed always at the bottom of the call chain,
because QMP skips all the steps above.  Do this for the network subsystem.

Cc: Jason Wang <jasowang@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
 net/net.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

Comments

Paolo Bonzini March 12, 2021, 8:44 a.m. UTC | #1

On 12/03/21 07:16, Jason Wang wrote:
> From: Paolo Bonzini <pbonzini@redhat.com>
> 
> When a network or network device is created from the command line or HMP,
> QemuOpts ensures that the id passes the id_wellformed check.  However,
> QMP skips this:
> 
>     $ qemu-system-x86_64 -qmp stdio -S -nic user,id=123/456
>     qemu-system-x86_64: -nic user,id=123/456: Parameter id expects an identifier
>     Identifiers consist of letters, digits, -, ., _, starting with a letter.
> 
>     $ qemu-system-x86_64 -qmp stdio -S
>     {"execute":"qmp_capabilities"}
>     {"return": {}}
>     {"execute":"netdev_add", "arguments": {"type": "user", "id": "123/456"}}
>     {"return": {}}
> 
> After:
> 
>     $ qemu-system-x86_64 -qmp stdio -S
>     {"execute":"qmp_capabilities"}
>     {"return": {}}
>     {"execute":"netdev_add", "arguments": {"type": "user", "id": "123/456"}}
>     {"error": {"class": "GenericError", "desc": "Parameter "id" expects an identifier"}}
> 
> Validity checks should be performed always at the bottom of the call chain,
> because QMP skips all the steps above.  Do this for the network subsystem.
> 
> Cc: Jason Wang <jasowang@redhat.com>
> Reviewed-by: Eric Blake <eblake@redhat.com>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
>   net/net.c | 12 ++++++++++++
>   1 file changed, 12 insertions(+)
> 
> diff --git a/net/net.c b/net/net.c
> index 9c784da..d36729f 100644
> --- a/net/net.c
> +++ b/net/net.c
> @@ -44,6 +44,7 @@
>   #include "qemu/cutils.h"
>   #include "qemu/config-file.h"
>   #include "qemu/ctype.h"
> +#include "qemu/id.h"
>   #include "qemu/iov.h"
>   #include "qemu/qemu-print.h"
>   #include "qemu/main-loop.h"
> @@ -1011,6 +1012,17 @@ static int net_client_init1(const Netdev *netdev, bool is_netdev, Error **errp)
>           }
>       }
>   
> +    /*
> +     * The id for -net has already been checked by QemuOpts and
> +     * could be automatically generated, in which case it is not
> +     * well-formed by design.  HMP and QMP only call us with
> +     * is_netdev == true.
> +     */
> +    if (is_netdev && !id_wellformed(netdev->id)) {
> +        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id", "an identifier");
> +        return -1;
> +    }
> +
>       nc = qemu_find_netdev(netdev->id);
>       if (nc) {
>           error_setg(errp, "Duplicate ID '%s'", netdev->id);
> 

Sorry, I sent v2 yesterday.  This patch passed the tests at the time it 
was submitted, but now fails (because it does not work with -nic).

Paolo

Jason Wang March 12, 2021, 1:26 p.m. UTC | #2

On 2021/3/12 4:44 下午, Paolo Bonzini wrote:
> On 12/03/21 07:16, Jason Wang wrote:
>> From: Paolo Bonzini <pbonzini@redhat.com>
>>
>> When a network or network device is created from the command line or 
>> HMP,
>> QemuOpts ensures that the id passes the id_wellformed check. However,
>> QMP skips this:
>>
>>     $ qemu-system-x86_64 -qmp stdio -S -nic user,id=123/456
>>     qemu-system-x86_64: -nic user,id=123/456: Parameter id expects an 
>> identifier
>>     Identifiers consist of letters, digits, -, ., _, starting with a 
>> letter.
>>
>>     $ qemu-system-x86_64 -qmp stdio -S
>>     {"execute":"qmp_capabilities"}
>>     {"return": {}}
>>     {"execute":"netdev_add", "arguments": {"type": "user", "id": 
>> "123/456"}}
>>     {"return": {}}
>>
>> After:
>>
>>     $ qemu-system-x86_64 -qmp stdio -S
>>     {"execute":"qmp_capabilities"}
>>     {"return": {}}
>>     {"execute":"netdev_add", "arguments": {"type": "user", "id": 
>> "123/456"}}
>>     {"error": {"class": "GenericError", "desc": "Parameter "id" 
>> expects an identifier"}}
>>
>> Validity checks should be performed always at the bottom of the call 
>> chain,
>> because QMP skips all the steps above.  Do this for the network 
>> subsystem.
>>
>> Cc: Jason Wang <jasowang@redhat.com>
>> Reviewed-by: Eric Blake <eblake@redhat.com>
>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>> Signed-off-by: Jason Wang <jasowang@redhat.com>
>> ---
>>   net/net.c | 12 ++++++++++++
>>   1 file changed, 12 insertions(+)
>>
>> diff --git a/net/net.c b/net/net.c
>> index 9c784da..d36729f 100644
>> --- a/net/net.c
>> +++ b/net/net.c
>> @@ -44,6 +44,7 @@
>>   #include "qemu/cutils.h"
>>   #include "qemu/config-file.h"
>>   #include "qemu/ctype.h"
>> +#include "qemu/id.h"
>>   #include "qemu/iov.h"
>>   #include "qemu/qemu-print.h"
>>   #include "qemu/main-loop.h"
>> @@ -1011,6 +1012,17 @@ static int net_client_init1(const Netdev 
>> *netdev, bool is_netdev, Error **errp)
>>           }
>>       }
>>   +    /*
>> +     * The id for -net has already been checked by QemuOpts and
>> +     * could be automatically generated, in which case it is not
>> +     * well-formed by design.  HMP and QMP only call us with
>> +     * is_netdev == true.
>> +     */
>> +    if (is_netdev && !id_wellformed(netdev->id)) {
>> +        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id", "an 
>> identifier");
>> +        return -1;
>> +    }
>> +
>>       nc = qemu_find_netdev(netdev->id);
>>       if (nc) {
>>           error_setg(errp, "Duplicate ID '%s'", netdev->id);
>>
>
> Sorry, I sent v2 yesterday.  This patch passed the tests at the time 
> it was submitted, but now fails (because it does not work with -nic).


I don't see that. But I add a fixup in the pull request:

https://lists.gnu.org/archive/html/qemu-devel/2021-03/msg04237.html

If it doesn't make sense, I will drop this and send a new pull request 
next week.

THanks


>
> Paolo
>
>

Paolo Bonzini March 12, 2021, 2:23 p.m. UTC | #3

On 12/03/21 14:26, Jason Wang wrote:
> 
> On 2021/3/12 4:44 下午, Paolo Bonzini wrote:
>> On 12/03/21 07:16, Jason Wang wrote:
>>> From: Paolo Bonzini <pbonzini@redhat.com>
>>>
>>> When a network or network device is created from the command line or 
>>> HMP,
>>> QemuOpts ensures that the id passes the id_wellformed check. However,
>>> QMP skips this:
>>>
>>>     $ qemu-system-x86_64 -qmp stdio -S -nic user,id=123/456
>>>     qemu-system-x86_64: -nic user,id=123/456: Parameter id expects an 
>>> identifier
>>>     Identifiers consist of letters, digits, -, ., _, starting with a 
>>> letter.
>>>
>>>     $ qemu-system-x86_64 -qmp stdio -S
>>>     {"execute":"qmp_capabilities"}
>>>     {"return": {}}
>>>     {"execute":"netdev_add", "arguments": {"type": "user", "id": 
>>> "123/456"}}
>>>     {"return": {}}
>>>
>>> After:
>>>
>>>     $ qemu-system-x86_64 -qmp stdio -S
>>>     {"execute":"qmp_capabilities"}
>>>     {"return": {}}
>>>     {"execute":"netdev_add", "arguments": {"type": "user", "id": 
>>> "123/456"}}
>>>     {"error": {"class": "GenericError", "desc": "Parameter "id" 
>>> expects an identifier"}}
>>>
>>> Validity checks should be performed always at the bottom of the call 
>>> chain,
>>> because QMP skips all the steps above.  Do this for the network 
>>> subsystem.
>>>
>>> Cc: Jason Wang <jasowang@redhat.com>
>>> Reviewed-by: Eric Blake <eblake@redhat.com>
>>> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
>>> Signed-off-by: Jason Wang <jasowang@redhat.com>
>>> ---
>>>   net/net.c | 12 ++++++++++++
>>>   1 file changed, 12 insertions(+)
>>>
>>> diff --git a/net/net.c b/net/net.c
>>> index 9c784da..d36729f 100644
>>> --- a/net/net.c
>>> +++ b/net/net.c
>>> @@ -44,6 +44,7 @@
>>>   #include "qemu/cutils.h"
>>>   #include "qemu/config-file.h"
>>>   #include "qemu/ctype.h"
>>> +#include "qemu/id.h"
>>>   #include "qemu/iov.h"
>>>   #include "qemu/qemu-print.h"
>>>   #include "qemu/main-loop.h"
>>> @@ -1011,6 +1012,17 @@ static int net_client_init1(const Netdev 
>>> *netdev, bool is_netdev, Error **errp)
>>>           }
>>>       }
>>>   +    /*
>>> +     * The id for -net has already been checked by QemuOpts and
>>> +     * could be automatically generated, in which case it is not
>>> +     * well-formed by design.  HMP and QMP only call us with
>>> +     * is_netdev == true.
>>> +     */
>>> +    if (is_netdev && !id_wellformed(netdev->id)) {
>>> +        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id", "an 
>>> identifier");
>>> +        return -1;
>>> +    }
>>> +
>>>       nc = qemu_find_netdev(netdev->id);
>>>       if (nc) {
>>>           error_setg(errp, "Duplicate ID '%s'", netdev->id);
>>>
>>
>> Sorry, I sent v2 yesterday.  This patch passed the tests at the time 
>> it was submitted, but now fails (because it does not work with -nic).
> 
> I don't see that. But I add a fixup in the pull request:
> 
> https://lists.gnu.org/archive/html/qemu-devel/2021-03/msg04237.html
> 
> If it doesn't make sense, I will drop this and send a new pull request 
> next week.

Hmm no, it didn't reach the list.  Let me resend.

Paolo

diff --git a/net/net.c b/net/net.c
index 9c784da..d36729f 100644
--- a/net/net.c
+++ b/net/net.c
@@ -44,6 +44,7 @@ 
 #include "qemu/cutils.h"
 #include "qemu/config-file.h"
 #include "qemu/ctype.h"
+#include "qemu/id.h"
 #include "qemu/iov.h"
 #include "qemu/qemu-print.h"
 #include "qemu/main-loop.h"
@@ -1011,6 +1012,17 @@  static int net_client_init1(const Netdev *netdev, bool is_netdev, Error **errp)
         }
     }
 
+    /*
+     * The id for -net has already been checked by QemuOpts and
+     * could be automatically generated, in which case it is not
+     * well-formed by design.  HMP and QMP only call us with
+     * is_netdev == true.
+     */
+    if (is_netdev && !id_wellformed(netdev->id)) {
+        error_setg(errp, QERR_INVALID_PARAMETER_VALUE, "id", "an identifier");
+        return -1;
+    }
+
     nc = qemu_find_netdev(netdev->id);
     if (nc) {
         error_setg(errp, "Duplicate ID '%s'", netdev->id);

[PULL,03/16] net: validate that ids are well formed

Commit Message

Comments

Patch