[v4,09/11] tools/ocaml/libs/xb: check for unmapped ring before accessing it

Commit Message

Edwin Török Dec. 16, 2022, 6:25 p.m. UTC

Xenmmap can unmap the ring, check for this condition before accessing it
to avoid crashing on an unmapped page.

Note that we cannot use the usual OCaml finalizers (like bigarray would) to
perform the unmap, because that might keep a reference count to a foreign
domain's memory that we want to release before destroying the domain.

Signed-off-by: Edwin Török <edvin.torok@citrix.com>
---
Changes:
* new patch
---
 tools/ocaml/libs/xb/xs_ring_stubs.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

Patch

diff --git a/tools/ocaml/libs/xb/xs_ring_stubs.c b/tools/ocaml/libs/xb/xs_ring_stubs.c
index 1e472d0bbf..28c79ee139 100644
--- a/tools/ocaml/libs/xb/xs_ring_stubs.c
+++ b/tools/ocaml/libs/xb/xs_ring_stubs.c
@@ -35,7 +35,14 @@ 
 #include <sys/mman.h>
 #include "mmap_stubs.h"
 
-#define GET_C_STRUCT(a) ((struct mmap_interface *) Data_abstract_val(a))
+static struct mmap_interface* check_addr(struct mmap_interface *interface)
+{
+    if (!interface->addr || interface->addr == MAP_FAILED)
+        caml_failwith("ring is not mapped");
+    return interface;
+}
+
+#define GET_C_STRUCT(a) check_addr((struct mmap_interface *) Data_abstract_val(a))
 
 /*
  * Bytes_val has been introduced by Ocaml 4.06.1. So define our own version
@@ -167,8 +174,6 @@  CAMLprim value ml_interface_set_server_features(value interface, value v)
 {
     CAMLparam2(interface, v);
     struct xenstore_domain_interface *intf = GET_C_STRUCT(interface)->addr;
-    if (intf == (void*)MAP_FAILED)
-        caml_failwith("Interface closed");
 
     intf->server_features = Int_val(v);