aboutsummaryrefslogtreecommitdiff
path: root/util/iov.c
AgeCommit message (Collapse)AuthorFilesLines
2023-09-07util/iov: Avoid dynamic stack allocationPhilippe Mathieu-Daudé1-1/+1
Use autofree heap allocation instead of variable-length array on the stack. The codebase has very few VLAs, and if we can get rid of them all we can make the compiler error on new additions. This is a defensive measure against security bugs where an on-stack dynamic allocation isn't correctly size-checked (e.g. CVE-2021-3527). Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-ID: <20230824164706.2652277-1-peter.maydell@linaro.org> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2023-06-05util/iov: Remove qemu_iovec_init_extended()Hanna Czenczek1-68/+11
bdrv_pad_request() was the main user of qemu_iovec_init_extended(). HEAD^ has removed that use, so we can remove qemu_iovec_init_extended() now. The only remaining user is qemu_iovec_init_slice(), which can easily inline the small part it really needs. Note that qemu_iovec_init_extended() offered a memcpy() optimization to initialize the new I/O vector. qemu_iovec_concat_iov(), which is used to replace its functionality, does not, but calls qemu_iovec_add() for every single element. If we decide this optimization was important, we will need to re-implement it in qemu_iovec_concat_iov(), which might also benefit its pre-existing users. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Signed-off-by: Hanna Czenczek <hreitz@redhat.com> Message-Id: <20230411173418.19549-4-hreitz@redhat.com>
2023-06-05util/iov: Make qiov_slice() publicHanna Czenczek1-7/+7
We want to inline qemu_iovec_init_extended() in block/io.c for padding requests, and having access to qiov_slice() is useful for this. As a public function, it is renamed to qemu_iovec_slice(). (We will need to count the number of I/O vector elements of a slice there, and then later process this slice. Without qiov_slice(), we would need to call qemu_iovec_subvec_niov(), and all further IOV-processing functions may need to skip prefixing elements to accomodate for a qiov_offset. Because qemu_iovec_subvec_niov() internally calls qiov_slice(), we can just have the block/io.c code call qiov_slice() itself, thus get the number of elements, and also create an iovec array with the superfluous prefixing elements stripped, so the following processing functions no longer need to skip them.) Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru> Signed-off-by: Hanna Czenczek <hreitz@redhat.com> Message-Id: <20230411173418.19549-2-hreitz@redhat.com>
2022-10-12util: make do_send_recv work with partial send/recvMarc-André Lureau1-2/+8
According to msdn documentation and Linux man pages, send() should try to send as much as possible in blocking mode, while recv() may return earlier with a smaller available amount, we should try to continue send/recv from there. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20221006113657.2656108-3-marcandre.lureau@redhat.com>
2022-04-06Remove qemu-common.h include from most unitsMarc-André Lureau1-1/+0
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20220323155743.1585078-33-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-02-03util/iov: make qemu_iovec_init_extended() honestVladimir Sementsov-Ogievskiy1-2/+23
Actually, we can't extend the io vector in all cases. Handle possible MAX_IOV and size_t overflows. For now add assertion to callers (actually they rely on success anyway) and fix them in the following patch. Add also some additional good assertions to qemu_iovec_init_slice() while being here. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20201211183934.169161-3-vsementsov@virtuozzo.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
2020-09-23util/iov: add iov_discard_undo()Stefan Hajnoczi1-4/+46
The iov_discard_front/back() operations are useful for parsing iovecs but they modify the array elements. If the original array is needed after parsing finishes there is currently no way to restore it. Although g_memdup() can be used before performing destructive iov_discard_front/back() operations, this is inefficient. Introduce iov_discard_undo() to restore the array to the state prior to an iov_discard_front/back() operation. Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Li Qiang <liq3ea@gmail.com> Message-Id: <20200917094455.822379-2-stefanha@redhat.com>
2020-09-11util/hexdump: Reorder qemu_hexdump() argumentsPhilippe Mathieu-Daudé1-1/+1
qemu_hexdump()'s pointer to the buffer and length of the buffer are closely related arguments but are widely separated in the argument list order (also, the format of <stdio.h> function prototypes is usually to have the FILE* argument coming first). Reorder the arguments as "fp, prefix, buf, size" which is more logical. Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Reviewed-by: Edgar E. Iglesias <edgar.iglesias@xilinx.com> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> Message-Id: <20200822180950.1343963-3-f4bug@amsat.org> Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2019-10-08util/ioc.c: try to reassure Coverity about qemu_iovec_init_extendedVladimir Sementsov-Ogievskiy1-2/+3
Make it more obvious, that filling qiov corresponds to qiov allocation, which in turn corresponds to total_niov calculation, based on mid_niov (not mid_len). Still add an assertion to show that there should be no difference. [Added mingw "error: 'mid_iov' may be used uninitialized in this function" compiler error fix suggested by Vladimir. --Stefan] Reported-by: Coverity (CID 1405302) Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-id: 20190910090310.14032-1-vsementsov@virtuozzo.com Suggested-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Message-Id: <20190910090310.14032-1-vsementsov@virtuozzo.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> fixup! util/ioc.c: try to reassure Coverity about qemu_iovec_init_extended
2019-08-27block/qcow2: implement .bdrv_co_pwritev(_compressed)_partVladimir Sementsov-Ogievskiy1-0/+10
Implement and use new interface to get rid of hd_qiov. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 20190604161514.262241-13-vsementsov@virtuozzo.com Message-Id: <20190604161514.262241-13-vsementsov@virtuozzo.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-08-27util/iov: improve qemu_iovec_is_zeroVladimir Sementsov-Ogievskiy1-12/+19
We'll need to check a part of qiov soon, so implement it now. Optimization with align down to 4 * sizeof(long) is dropped due to: 1. It is strange: it aligns length of the buffer, but where is a guarantee that buffer pointer is aligned itself? 2. buffer_is_zero() is a better place for optimizations and it has them. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 20190604161514.262241-3-vsementsov@virtuozzo.com Message-Id: <20190604161514.262241-3-vsementsov@virtuozzo.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2019-08-27util/iov: introduce qemu_iovec_init_extendedVladimir Sementsov-Ogievskiy1-5/+107
Introduce new initialization API, to create requests with padding. Will be used in the following patch. New API uses qemu_iovec_init_buf if resulting io vector has only one element, to avoid extra allocations. So, we need to update qemu_iovec_destroy to support destroying such QIOVs. Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Acked-by: Stefan Hajnoczi <stefanha@redhat.com> Message-id: 20190604161514.262241-2-vsementsov@virtuozzo.com Message-Id: <20190604161514.262241-2-vsementsov@virtuozzo.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-08-03util: Fix assertion in iov_copy() upon zero 'bytes' and non-zero 'offset'Shmulik Ladkani1-1/+2
In cases where iov_copy() is passed with zero 'bytes' argument and a non-zero 'offset' argument, nothing gets copied - as expected. However no copy iterations are performed, so 'offset' is left unaltered, leading to the final assert(offset == 0) to fail. Instead, change the loop condition to continue as long as 'offset || bytes', similar to other iov_* functions. This ensures 'offset' gets zeroed (even if no actual copy is made), unless it is beyond end of source iov - which is asserted. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com> Message-Id: <1470130880-1050-1-git-send-email-shmulik.ladkani@oracle.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22util: move declarations out of qemu-common.hVeronia Bahaa1-0/+1
Move declarations out of qemu-common.h for functions declared in utils/ files: e.g. include/qemu/path.h for utils/path.c. Move inline functions out of qemu-common.h and into new files (e.g. include/qemu/bcd.h) Signed-off-by: Veronia Bahaa <veroniabahaa@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-03-22include/qemu/iov.h: Don't include qemu-common.hMarkus Armbruster1-0/+1
qemu-common.h should only be included by .c files. Its file comment explains why: "No header file should depend on qemu-common.h, as this would easily lead to circular header dependencies." qemu/iov.h includes qemu-common.h for QEMUIOVector stuff. Move all that to qemu/iov.h and drop the ill-advised include. Include qemu/iov.h where the QEMUIOVector stuff is now missing. Signed-off-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-02-09iov: avoid memcpy for "simple" iov_from_buf/iov_to_bufPaolo Bonzini1-4/+4
memcpy can take a large amount of time for small reads and writes. For virtio it is a common case that the first iovec can satisfy the whole read or write. In that case, and if bytes is a constant to avoid excessive growth of code, inline the first iteration into the caller. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1450782213-14227-1-git-send-email-pbonzini@redhat.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2016-02-04util: Clean up includesPeter Maydell1-0/+1
Clean up includes so that osdep.h is included first and headers which it implies are not included manually. This commit was created with scripts/clean-includes. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1454089805-5470-6-git-send-email-peter.maydell@linaro.org
2015-06-23iov: don't touch iov in iov_send_recv()Wen Congyang1-1/+13
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com> Message-id: 555D39D2.4000705@cn.fujitsu.com Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-12-10util: Use g_new() & friends where that makes obvious senseMarkus Armbruster1-2/+2
g_new(T, n) is neater than g_malloc(sizeof(T) * n). It's also safer, for two reasons. One, it catches multiplication overflowing size_t. Two, it returns T * rather than void *, which lets the compiler catch more type errors. This commit only touches allocations with size arguments of the form sizeof(T). Signed-off-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-07-14dma-helpers: Fix too long qiovKevin Wolf1-0/+13
If the size of the scatter/gather list isn't a multiple of 512, the number of sectors for the block layer request is rounded down, resulting in a qiov that doesn't match the request length. Truncate the qiov to the new length of the request. This fixes the IDE qtest case /x86_64/ide/bmdma/short_prdt. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com>
2014-06-18util: add return value to qemu_iovec_concat_iovPaolo Bonzini1-4/+6
This will be necessary later to recognize the case where a request has both dataout and datain. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2014-05-19util: add qemu_iovec_is_zeroPeter Lieven1-0/+21
Signed-off-by: Peter Lieven <pl@kamp.de> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2014-03-03util/iov: Use qemu/sockets.h instead of conditional codeStefan Weil1-8/+1
Signed-off-by: Stefan Weil <sw@weilnetz.de> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Andreas Färber <afaerber@suse.de> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2014-02-21blkverify: Extract qemu_iovec_clone() and qemu_iovec_compare() from blkverify.Benoît Canet1-0/+106
qemu_iovec_compare() will be used to compare IOs vectors in quorum blkverify mode. The patch extracts these functions in order to factorize the code. Signed-off-by: Benoit Canet <benoit@irqsave.net> Reviewed-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-09-20iov: avoid "orig_len may be used unitialized" warningMichael Tokarev1-6/+4
Signed-off-by: Wenchao Xia <xiawenc@linux.vnet.ibm.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2013-08-06iov: handle EOF in iov_send_recvMORITA Kazutaka1-0/+6
Without this patch, iov_send_recv() never returns when do_send_recv() returns zero. Signed-off-by: MORITA Kazutaka <morita.kazutaka@lab.ntt.co.jp> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2013-05-20Rename hexdump to avoid FreeBSD libutil conflictEd Maste1-1/+1
On FreeBSD libutil is used for openpty(), but it also provides a hexdump() which conflicts with QEMU's. Signed-off-by: Ed Maste <emaste@freebsd.org> Reviewed-by: Paolo Bonzini <pbonzini@redhat.com> Message-id: 1368718348-15199-1-git-send-email-emaste@freebsd.org Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-04-29win32: add readv/writev emulationPaolo Bonzini1-1/+1
Commit e9d8fbf (qemu-file: do not use stdio for qemu_fdopen, 2013-03-27) introduced a usage of writev, which mingw32 does not have. Even though qemu_fdopen itself is not used on mingw32, the future-proof solution is to add an implementation of it. This is simple and similar to how we emulate sendmsg/recvmsg in util/iov.c. Some files include osdep.h without qemu-common.h, so move the definition of iovec to osdep.h too, and include osdep.h from qemu-common.h unconditionally (protection against including files when NEED_CPU_H is defined is not needed since the removal of AREG0). Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-17iov: handle partial writes from sendmsg and recvmsgPaolo Bonzini1-47/+55
Partial writes can still happen in sendmsg and recvmsg, if a signal is received in the middle of a write. To handle this, retry the operation with a new offset/bytes pair. Reviewed-by: Juan Quintela <quintela@redhat.com> Reviewed-by: Orit Wassermann <owasserm@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-17iov: reorganize iov_send_recv, part 3Paolo Bonzini1-15/+15
"si" and "ei" are merged in a single variable. Reviewed-by: Juan Quintela <quintela@redhat.com> Reviewed-by: Orit Wassermann <owasserm@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-17iov: reorganize iov_send_recv, part 2Paolo Bonzini1-14/+14
Do not touch the "bytes" argument anymore. Instead, remember the original length of the last iovec if we touch it, and restore it afterwards. This requires undoing the changes in opposite order. The previous algorithm didn't care. Reviewed-by: Juan Quintela <quintela@redhat.com> Reviewed-by: Orit Wassermann <owasserm@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-04-17iov: reorganize iov_send_recv, part 1Paolo Bonzini1-7/+13
Once the initial part of the iov is dropped, it is not used anymore. Modify iov/iovcnt directly instead of adjusting them with the "si" variable. Reviewed-by: Juan Quintela <quintela@redhat.com> Reviewed-by: Orit Wassermann <owasserm@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2013-03-15iov: Factor out hexdumperPeter Crosthwaite1-25/+11
Factor out the hexdumper functionality from iov for all to use. Useful for creating verbose debug printfery that dumps packet data. Signed-off-by: Peter Crosthwaite <peter.crosthwaite@xilinx.com> Message-id: faaac219c55ea586d3f748befaf5a2788fd271b8.1361853677.git.peter.crosthwaite@xilinx.com Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
2013-02-06qemu/iovec: Don't assert if sbytes is zeroAneesh Kumar K.V1-0/+4
Since these values can possibly be sent from guest (for hw/9pfs), do a sanity check on them. A 9p write request with 0 bytes caused qemu to abort without this patch Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-01-12build: move libqemuutil.a components to util/Paolo Bonzini1-0/+422
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>