[1/2] gnttab: fully ignore zero-size copy requests

Commit Message

Jan Beulich Feb. 5, 2024, 11:03 a.m. UTC

Along the line with observations in the context of XSA-448, no field in
struct gnttab_copy_ptr is relevant when no data is to be copied, much
like e.g. the pointers passed to memcpy() are irrelevant (and would
never be "validated") when the passed length is zero.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

Comments

Julien Grall Feb. 19, 2024, 9:50 p.m. UTC | #1

Hi Jan,

On 05/02/2024 11:03, Jan Beulich wrote:
> Along the line with observations in the context of XSA-448, no field in
> struct gnttab_copy_ptr is relevant when no data is to be copied, much
> like e.g. the pointers passed to memcpy() are irrelevant (and would
> never be "validated") when the passed length is zero.
> 
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Reviewed-by: Julien Grall <jgrall@amazon.com>

Cheers,

Patch

--- a/xen/common/grant_table.c
+++ b/xen/common/grant_table.c
@@ -3061,6 +3061,9 @@  static int gnttab_copy_one(const struct
 {
     int rc;
 
+    if ( unlikely(!op->len) )
+        return GNTST_okay;
+
     if ( !src->domain || op->source.domid != src->ptr.domid ||
          !dest->domain || op->dest.domid != dest->ptr.domid )
     {