[v3,2/8] xen/hypfs: switch write function handles to const

Message ID	20201209160956.32456-3-jgross@suse.com (mailing list archive)
State	Superseded
Headers	show Return-Path: <SRS0=Zv5g=FN=lists.xenproject.org=xen-devel-bounces@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9696B23B51 Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> From: Juergen Gross <jgross@suse.com> To: xen-devel@lists.xenproject.org Cc: Juergen Gross <jgross@suse.com>, Andrew Cooper <andrew.cooper3@citrix.com>, George Dunlap <george.dunlap@citrix.com>, Ian Jackson <iwj@xenproject.org>, Jan Beulich <jbeulich@suse.com>, Julien Grall <julien@xen.org>, Stefano Stabellini <sstabellini@kernel.org>, Wei Liu <wl@xen.org> Subject: [PATCH v3 2/8] xen/hypfs: switch write function handles to const Date: Wed, 9 Dec 2020 17:09:50 +0100 Message-Id: <20201209160956.32456-3-jgross@suse.com> In-Reply-To: <20201209160956.32456-1-jgross@suse.com> References: <20201209160956.32456-1-jgross@suse.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	xen: support per-cpupool scheduling granularity \| expand [v3,0/8] xen: support per-cpupool scheduling granularity [v3,1/8] xen/cpupool: support moving domain between cpupools with different granularity [v3,2/8] xen/hypfs: switch write function handles to const [v3,3/8] xen/hypfs: add new enter() and exit() per node callbacks [v3,4/8] xen/hypfs: support dynamic hypfs nodes [v3,5/8] xen/hypfs: add support for id-based dynamic directories [v3,6/8] xen/cpupool: add cpupool directories [v3,7/8] xen/cpupool: add scheduling granularity entry to cpupool entries [v3,8/8] xen/cpupool: make per-cpupool sched-gran hypfs node writable

Message ID

20201209160956.32456-3-jgross@suse.com (mailing list archive)

State

Superseded

Headers

DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 9696B23B51
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
From: Juergen Gross <jgross@suse.com>
To: xen-devel@lists.xenproject.org
Cc: Juergen Gross <jgross@suse.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	George Dunlap <george.dunlap@citrix.com>,
	Ian Jackson <iwj@xenproject.org>,
	Jan Beulich <jbeulich@suse.com>,
	Julien Grall <julien@xen.org>,
	Stefano Stabellini <sstabellini@kernel.org>,
	Wei Liu <wl@xen.org>
Subject: [PATCH v3 2/8] xen/hypfs: switch write function handles to const
Date: Wed,  9 Dec 2020 17:09:50 +0100
Message-Id: <20201209160956.32456-3-jgross@suse.com>
In-Reply-To: <20201209160956.32456-1-jgross@suse.com>
References: <20201209160956.32456-1-jgross@suse.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

xen: support per-cpupool scheduling granularity | expand

Commit Message

Jürgen Groß Dec. 9, 2020, 4:09 p.m. UTC

The node specific write functions take a void user address handle as
parameter. As a write won't change the user memory use a const_void
handle instead.

This requires a new macro for casting a guest handle to a const type.

Suggested-by: Jan Beulich <jbeulich@suse.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V3:
- new patch
---
 xen/common/hypfs.c             | 17 +++++++++++------
 xen/include/xen/guest_access.h |  5 +++++
 xen/include/xen/hypfs.h        | 14 +++++++++-----
 3 files changed, 25 insertions(+), 11 deletions(-)

Comments

Jan Beulich Dec. 16, 2020, 4:08 p.m. UTC | #1

On 09.12.2020 17:09, Juergen Gross wrote:
> --- a/xen/include/xen/guest_access.h
> +++ b/xen/include/xen/guest_access.h
> @@ -26,6 +26,11 @@
>      type *_x = (hnd).p;                         \
>      (XEN_GUEST_HANDLE_PARAM(type)) { _x };      \
>  })
> +/* Same for casting to a const type. */
> +#define guest_handle_const_cast(hnd, type) ({       \
> +    const type *_x = (const type *)((hnd).p);       \
> +    (XEN_GUEST_HANDLE_PARAM(const_##type)) { _x };  \
> +})

Afaict this allow casting from e.g. uint to const_ulong. We
don't want to permit this (i.e. if really needed one is to
go through two steps). I think all it takes is dropping the
cast:

#define guest_handle_const_cast(hnd, type) ({      \
    const type *_x = (hnd).p;                      \
    (XEN_GUEST_HANDLE_PARAM(const_##type)) { _x }; \
})

With this
Reviewed-by: Jan Beulich <jbeulich@suse.com>
and I'd be okay making the adjustment while committing
(provided it works and I didn't overlook anything).

Jan

Jürgen Groß Dec. 16, 2020, 4:17 p.m. UTC | #2

On 16.12.20 17:08, Jan Beulich wrote:
> On 09.12.2020 17:09, Juergen Gross wrote:
>> --- a/xen/include/xen/guest_access.h
>> +++ b/xen/include/xen/guest_access.h
>> @@ -26,6 +26,11 @@
>>       type *_x = (hnd).p;                         \
>>       (XEN_GUEST_HANDLE_PARAM(type)) { _x };      \
>>   })
>> +/* Same for casting to a const type. */
>> +#define guest_handle_const_cast(hnd, type) ({       \
>> +    const type *_x = (const type *)((hnd).p);       \
>> +    (XEN_GUEST_HANDLE_PARAM(const_##type)) { _x };  \
>> +})
> 
> Afaict this allow casting from e.g. uint to const_ulong. We
> don't want to permit this (i.e. if really needed one is to
> go through two steps). I think all it takes is dropping the
> cast:
> 
> #define guest_handle_const_cast(hnd, type) ({      \
>      const type *_x = (hnd).p;                      \
>      (XEN_GUEST_HANDLE_PARAM(const_##type)) { _x }; \
> })
> 
> With this
> Reviewed-by: Jan Beulich <jbeulich@suse.com>
> and I'd be okay making the adjustment while committing
> (provided it works and I didn't overlook anything).

At least it is still compiling, and I guess that was the main
concern.


Juergen

Jan Beulich Dec. 16, 2020, 4:35 p.m. UTC | #3

On 16.12.2020 17:17, Jürgen Groß wrote:
> On 16.12.20 17:08, Jan Beulich wrote:
>> On 09.12.2020 17:09, Juergen Gross wrote:
>>> --- a/xen/include/xen/guest_access.h
>>> +++ b/xen/include/xen/guest_access.h
>>> @@ -26,6 +26,11 @@
>>>       type *_x = (hnd).p;                         \
>>>       (XEN_GUEST_HANDLE_PARAM(type)) { _x };      \
>>>   })
>>> +/* Same for casting to a const type. */
>>> +#define guest_handle_const_cast(hnd, type) ({       \
>>> +    const type *_x = (const type *)((hnd).p);       \
>>> +    (XEN_GUEST_HANDLE_PARAM(const_##type)) { _x };  \
>>> +})
>>
>> Afaict this allow casting from e.g. uint to const_ulong. We
>> don't want to permit this (i.e. if really needed one is to
>> go through two steps). I think all it takes is dropping the
>> cast:
>>
>> #define guest_handle_const_cast(hnd, type) ({      \
>>      const type *_x = (hnd).p;                      \
>>      (XEN_GUEST_HANDLE_PARAM(const_##type)) { _x }; \
>> })
>>
>> With this
>> Reviewed-by: Jan Beulich <jbeulich@suse.com>
>> and I'd be okay making the adjustment while committing
>> (provided it works and I didn't overlook anything).
> 
> At least it is still compiling, and I guess that was the main
> concern.

Indeed. Thanks for checking.

Jan

diff --git a/xen/common/hypfs.c b/xen/common/hypfs.c
index 2e8e90591e..6f822ae097 100644
--- a/xen/common/hypfs.c
+++ b/xen/common/hypfs.c
@@ -344,7 +344,8 @@  static int hypfs_read(const struct hypfs_entry *entry,
 }
 
 int hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen)
+                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                     unsigned int ulen)
 {
     char *buf;
     int ret;
@@ -384,7 +385,8 @@  int hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
 }
 
 int hypfs_write_bool(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen)
+                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                     unsigned int ulen)
 {
     bool buf;
 
@@ -405,7 +407,8 @@  int hypfs_write_bool(struct hypfs_entry_leaf *leaf,
 }
 
 int hypfs_write_custom(struct hypfs_entry_leaf *leaf,
-                       XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen)
+                       XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                       unsigned int ulen)
 {
     struct param_hypfs *p;
     char *buf;
@@ -439,13 +442,15 @@  int hypfs_write_custom(struct hypfs_entry_leaf *leaf,
 }
 
 int hypfs_write_deny(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen)
+                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                     unsigned int ulen)
 {
     return -EACCES;
 }
 
 static int hypfs_write(struct hypfs_entry *entry,
-                       XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned long ulen)
+                       XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                       unsigned long ulen)
 {
     struct hypfs_entry_leaf *l;
 
@@ -497,7 +502,7 @@  long do_hypfs_op(unsigned int cmd,
         break;
 
     case XEN_HYPFS_OP_write_contents:
-        ret = hypfs_write(entry, arg3, arg4);
+        ret = hypfs_write(entry, guest_handle_const_cast(arg3, void), arg4);
         break;
 
     default:
diff --git a/xen/include/xen/guest_access.h b/xen/include/xen/guest_access.h
index f9b94cf1f4..5a50c3ccee 100644
--- a/xen/include/xen/guest_access.h
+++ b/xen/include/xen/guest_access.h
@@ -26,6 +26,11 @@ 
     type *_x = (hnd).p;                         \
     (XEN_GUEST_HANDLE_PARAM(type)) { _x };      \
 })
+/* Same for casting to a const type. */
+#define guest_handle_const_cast(hnd, type) ({       \
+    const type *_x = (const type *)((hnd).p);       \
+    (XEN_GUEST_HANDLE_PARAM(const_##type)) { _x };  \
+})
 
 /* Cast a XEN_GUEST_HANDLE to XEN_GUEST_HANDLE_PARAM */
 #define guest_handle_to_param(hnd, type) ({                  \
diff --git a/xen/include/xen/hypfs.h b/xen/include/xen/hypfs.h
index 53f50772b4..99fd4b036d 100644
--- a/xen/include/xen/hypfs.h
+++ b/xen/include/xen/hypfs.h
@@ -38,7 +38,7 @@  struct hypfs_funcs {
     int (*read)(const struct hypfs_entry *entry,
                 XEN_GUEST_HANDLE_PARAM(void) uaddr);
     int (*write)(struct hypfs_entry_leaf *leaf,
-                 XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen);
+                 XEN_GUEST_HANDLE_PARAM(const_void) uaddr, unsigned int ulen);
     unsigned int (*getsize)(const struct hypfs_entry *entry);
     struct hypfs_entry *(*findentry)(const struct hypfs_entry_dir *dir,
                                      const char *name, unsigned int name_len);
@@ -154,13 +154,17 @@  int hypfs_read_dir(const struct hypfs_entry *entry,
 int hypfs_read_leaf(const struct hypfs_entry *entry,
                     XEN_GUEST_HANDLE_PARAM(void) uaddr);
 int hypfs_write_deny(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen);
+                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                     unsigned int ulen);
 int hypfs_write_leaf(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen);
+                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                     unsigned int ulen);
 int hypfs_write_bool(struct hypfs_entry_leaf *leaf,
-                     XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen);
+                     XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                     unsigned int ulen);
 int hypfs_write_custom(struct hypfs_entry_leaf *leaf,
-                       XEN_GUEST_HANDLE_PARAM(void) uaddr, unsigned int ulen);
+                       XEN_GUEST_HANDLE_PARAM(const_void) uaddr,
+                       unsigned int ulen);
 unsigned int hypfs_getsize(const struct hypfs_entry *entry);
 struct hypfs_entry *hypfs_leaf_findentry(const struct hypfs_entry_dir *dir,
                                          const char *name,

[v3,2/8] xen/hypfs: switch write function handles to const

Commit Message

Comments

Patch