xenpm: sanitize allocations in show_cpufreq_para_by_cpuid()

Message ID	d1fca705-bfed-4370-a907-ca090dea58e5@suse.com (mailing list archive)
State	New
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org> Message-ID: <d1fca705-bfed-4370-a907-ca090dea58e5@suse.com> Date: Tue, 25 Mar 2025 13:51:44 +0100 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Content-Language: en-US To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org> Cc: Andrew Cooper <andrew.cooper3@citrix.com>, =?utf-8?q?Roger_Pau_Monn?= =?utf-8?q?=C3=A9?= <roger.pau@citrix.com>, Anthony PERARD <anthony.perard@vates.tech>, Jason Andryuk <jandryuk@gmail.com>, Penny Zheng <Penny.Zheng@amd.com> From: Jan Beulich <jbeulich@suse.com> Subject: [PATCH] xenpm: sanitize allocations in show_cpufreq_para_by_cpuid() Autocrypt: addr=jbeulich@suse.com; keydata= xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A nAuWpQkjM1ASeQwSHEeAWPgskBQL Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit
Series	xenpm: sanitize allocations in show_cpufreq_para_by_cpuid() \| expand xenpm: sanitize allocations in show_cpufreq_para_by_cpuid()

Message ID

d1fca705-bfed-4370-a907-ca090dea58e5@suse.com (mailing list archive)

State

New

Headers

Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
Message-ID: <d1fca705-bfed-4370-a907-ca090dea58e5@suse.com>
Date: Tue, 25 Mar 2025 13:51:44 +0100
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>, =?utf-8?q?Roger_Pau_Monn?=
	=?utf-8?q?=C3=A9?= <roger.pau@citrix.com>,
 Anthony PERARD <anthony.perard@vates.tech>,
 Jason Andryuk <jandryuk@gmail.com>, Penny Zheng <Penny.Zheng@amd.com>
From: Jan Beulich <jbeulich@suse.com>
Subject: [PATCH] xenpm: sanitize allocations in show_cpufreq_para_by_cpuid()
Autocrypt: addr=jbeulich@suse.com; keydata=
 xsDiBFk3nEQRBADAEaSw6zC/EJkiwGPXbWtPxl2xCdSoeepS07jW8UgcHNurfHvUzogEq5xk
 hu507c3BarVjyWCJOylMNR98Yd8VqD9UfmX0Hb8/BrA+Hl6/DB/eqGptrf4BSRwcZQM32aZK
 7Pj2XbGWIUrZrd70x1eAP9QE3P79Y2oLrsCgbZJfEwCgvz9JjGmQqQkRiTVzlZVCJYcyGGsD
 /0tbFCzD2h20ahe8rC1gbb3K3qk+LpBtvjBu1RY9drYk0NymiGbJWZgab6t1jM7sk2vuf0Py
 O9Hf9XBmK0uE9IgMaiCpc32XV9oASz6UJebwkX+zF2jG5I1BfnO9g7KlotcA/v5ClMjgo6Gl
 MDY4HxoSRu3i1cqqSDtVlt+AOVBJBACrZcnHAUSuCXBPy0jOlBhxPqRWv6ND4c9PH1xjQ3NP
 nxJuMBS8rnNg22uyfAgmBKNLpLgAGVRMZGaGoJObGf72s6TeIqKJo/LtggAS9qAUiuKVnygo
 3wjfkS9A3DRO+SpU7JqWdsveeIQyeyEJ/8PTowmSQLakF+3fote9ybzd880fSmFuIEJldWxp
 Y2ggPGpiZXVsaWNoQHN1c2UuY29tPsJgBBMRAgAgBQJZN5xEAhsDBgsJCAcDAgQVAggDBBYC
 AwECHgECF4AACgkQoDSui/t3IH4J+wCfQ5jHdEjCRHj23O/5ttg9r9OIruwAn3103WUITZee
 e7Sbg12UgcQ5lv7SzsFNBFk3nEQQCACCuTjCjFOUdi5Nm244F+78kLghRcin/awv+IrTcIWF
 hUpSs1Y91iQQ7KItirz5uwCPlwejSJDQJLIS+QtJHaXDXeV6NI0Uef1hP20+y8qydDiVkv6l
 IreXjTb7DvksRgJNvCkWtYnlS3mYvQ9NzS9PhyALWbXnH6sIJd2O9lKS1Mrfq+y0IXCP10eS
 FFGg+Av3IQeFatkJAyju0PPthyTqxSI4lZYuJVPknzgaeuJv/2NccrPvmeDg6Coe7ZIeQ8Yj
 t0ARxu2xytAkkLCel1Lz1WLmwLstV30g80nkgZf/wr+/BXJW/oIvRlonUkxv+IbBM3dX2OV8
 AmRv1ySWPTP7AAMFB/9PQK/VtlNUJvg8GXj9ootzrteGfVZVVT4XBJkfwBcpC/XcPzldjv+3
 HYudvpdNK3lLujXeA5fLOH+Z/G9WBc5pFVSMocI71I8bT8lIAzreg0WvkWg5V2WZsUMlnDL9
 mpwIGFhlbM3gfDMs7MPMu8YQRFVdUvtSpaAs8OFfGQ0ia3LGZcjA6Ik2+xcqscEJzNH+qh8V
 m5jjp28yZgaqTaRbg3M/+MTbMpicpZuqF4rnB0AQD12/3BNWDR6bmh+EkYSMcEIpQmBM51qM
 EKYTQGybRCjpnKHGOxG0rfFY1085mBDZCH5Kx0cl0HVJuQKC+dV2ZY5AqjcKwAxpE75MLFkr
 wkkEGBECAAkFAlk3nEQCGwwACgkQoDSui/t3IH7nnwCfcJWUDUFKdCsBH/E5d+0ZnMQi+G0A
 nAuWpQkjM1ASeQwSHEeAWPgskBQL
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Series

xenpm: sanitize allocations in show_cpufreq_para_by_cpuid() | expand

Commit Message

Jan Beulich March 25, 2025, 12:51 p.m. UTC

malloc(), when passed zero size, may return NULL (the behavior is
implementation defined). Extend the ->gov_num check to the other two
allocations as well. Don't chance then actually using a NULL in
print_cpufreq_para().

Fixes: 75e06d089d48 ("xenpm: add cpu frequency control interface, through which user can")
Signed-off-by: Jan Beulich <jbeulich@suse.com>

Comments

Andrew Cooper March 25, 2025, 2:20 p.m. UTC | #1

On 25/03/2025 12:51 pm, Jan Beulich wrote:
> malloc(), when passed zero size, may return NULL (the behavior is
> implementation defined).

More importantly, this is the Musl behaviour, so is how ~most of Gitlab
CI behaves.

>  Extend the ->gov_num check to the other two
> allocations as well.

I'm not sure what you mean by this.  Only one of these hunks has a
->gov_num check.

>  Don't chance then actually using a NULL in
> print_cpufreq_para().
>
> Fixes: 75e06d089d48 ("xenpm: add cpu frequency control interface, through which user can")
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

The code change looks ok, so Acked-by: Andrew Cooper
<andrew.cooper3@citrix.com> but I'd prefer a clarified commit message.

Jan Beulich March 25, 2025, 2:30 p.m. UTC | #2

On 25.03.2025 15:20, Andrew Cooper wrote:
> On 25/03/2025 12:51 pm, Jan Beulich wrote:
>> malloc(), when passed zero size, may return NULL (the behavior is
>> implementation defined).
> 
> More importantly, this is the Musl behaviour, so is how ~most of Gitlab
> CI behaves.
> 
>>  Extend the ->gov_num check to the other two
>> allocations as well.
> 
> I'm not sure what you mean by this.  Only one of these hunks has a
> ->gov_num check.

Not sure I see a better way of wording this: What I mean to say is that
the ->gov_num check that there is already is being replicated (with "gov"
replaced accordingly) to the other two places where similar allocations
happen. Maybe simply s/Extend/Mirror" would already help?

>>  Don't chance then actually using a NULL in
>> print_cpufreq_para().
>>
>> Fixes: 75e06d089d48 ("xenpm: add cpu frequency control interface, through which user can")
>> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> 
> The code change looks ok, so Acked-by: Andrew Cooper
> <andrew.cooper3@citrix.com> but I'd prefer a clarified commit message.

Thanks.

Jan

Jan Beulich March 25, 2025, 2:33 p.m. UTC | #3

On 25.03.2025 15:30, Jan Beulich wrote:
> On 25.03.2025 15:20, Andrew Cooper wrote:
>> On 25/03/2025 12:51 pm, Jan Beulich wrote:
>>> malloc(), when passed zero size, may return NULL (the behavior is
>>> implementation defined).
>>
>> More importantly, this is the Musl behaviour, so is how ~most of Gitlab
>> CI behaves.
>>
>>>  Extend the ->gov_num check to the other two
>>> allocations as well.
>>
>> I'm not sure what you mean by this.  Only one of these hunks has a
>> ->gov_num check.
> 
> Not sure I see a better way of wording this: What I mean to say is that
> the ->gov_num check that there is already is being replicated (with "gov"
> replaced accordingly) to the other two places where similar allocations
> happen. Maybe simply s/Extend/Mirror" would already help?

Oh, and to clarify: The ->gov_num check mentioned isn't the one visible
in one of the hunks. It's entirely outside of patch context. It was put
there (for [now] questionable reasons by the HWP work).

Jan

Jason Andryuk March 25, 2025, 5:12 p.m. UTC | #4

On 2025-03-25 10:30, Jan Beulich wrote:
> On 25.03.2025 15:20, Andrew Cooper wrote:
>> On 25/03/2025 12:51 pm, Jan Beulich wrote:
>>> malloc(), when passed zero size, may return NULL (the behavior is
>>> implementation defined).
>>
>> More importantly, this is the Musl behaviour, so is how ~most of Gitlab
>> CI behaves.
>>
>>>   Extend the ->gov_num check to the other two
>>> allocations as well.
>>
>> I'm not sure what you mean by this.  Only one of these hunks has a
>> ->gov_num check.
> 
> Not sure I see a better way of wording this: What I mean to say is that
> the ->gov_num check that there is already is being replicated (with "gov"
> replaced accordingly) to the other two places where similar allocations
> happen. Maybe simply s/Extend/Mirror" would already help?

Yes, "Mirror" is better.

>>>   Don't chance then actually using a NULL in
>>> print_cpufreq_para().
>>>
>>> Fixes: 75e06d089d48 ("xenpm: add cpu frequency control interface, through which user can")
>>> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>>
>> The code change looks ok, so Acked-by: Andrew Cooper
>> <andrew.cooper3@citrix.com> but I'd prefer a clarified commit message.

Reviewed-by: Jason Andryuk <jason.andryuk@amd.com>

Thanks,
Jason

--- a/tools/misc/xenpm.c
+++ b/tools/misc/xenpm.c
@@ -840,8 +840,9 @@  static void print_cpufreq_para(int cpuid
     }
     else
     {
-        printf("scaling_avail_gov    : %s\n",
-               p_cpufreq->scaling_available_governors);
+        if ( p_cpufreq->gov_num )
+            printf("scaling_avail_gov    : %s\n",
+                   p_cpufreq->scaling_available_governors);
 
         printf("current_governor     : %s\n", p_cpufreq->u.s.scaling_governor);
         if ( !strncmp(p_cpufreq->u.s.scaling_governor,
@@ -907,7 +908,8 @@  static int show_cpufreq_para_by_cpuid(xc
         p_cpufreq->scaling_available_frequencies = NULL;
         p_cpufreq->scaling_available_governors = NULL;
 
-        if (!(p_cpufreq->affected_cpus =
+        if (p_cpufreq->cpu_num &&
+            !(p_cpufreq->affected_cpus =
               malloc(p_cpufreq->cpu_num * sizeof(uint32_t))))
         {
             fprintf(stderr,
@@ -916,7 +918,8 @@  static int show_cpufreq_para_by_cpuid(xc
             ret = -ENOMEM;
             goto out;
         }
-        if (!(p_cpufreq->scaling_available_frequencies =
+        if (p_cpufreq->freq_num &&
+            !(p_cpufreq->scaling_available_frequencies =
               malloc(p_cpufreq->freq_num * sizeof(uint32_t))))
         {
             fprintf(stderr,

xenpm: sanitize allocations in show_cpufreq_para_by_cpuid()

Commit Message

Comments

Patch