git: aa545f18d384 - stable/14 - netmap: Ignore errors in CSB_WRITE()
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 04 Jan 2024 13:48:01 UTC
The branch stable/14 has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=aa545f18d384d2e925dcc8de8f7ad7fb73e66dc1
commit aa545f18d384d2e925dcc8de8f7ad7fb73e66dc1
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2023-12-27 15:13:29 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2024-01-04 13:42:13 +0000
netmap: Ignore errors in CSB_WRITE()
The CSB_WRITE() and _READ() macros respectively write to and read from
userspace memory and so can in principle fault. However, we do not
check for errors and will proceed blindly if they fail. Add assertions
to verify that they do not.
This is in preparation for annotating copyin() and related functions
with __result_use_check.
Reviewed by: vmaffione
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43200
(cherry picked from commit 99efa2c88d93c6272a8f54b18d18d0fd9d60f137)
---
sys/dev/netmap/netmap_kern.h | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/sys/dev/netmap/netmap_kern.h b/sys/dev/netmap/netmap_kern.h
index 24f741084a8d..8618aaf82299 100644
--- a/sys/dev/netmap/netmap_kern.h
+++ b/sys/dev/netmap/netmap_kern.h
@@ -2450,8 +2450,19 @@ void netmap_uninit_bridges(void);
#define CSB_READ(csb, field, r) (get_user(r, &csb->field))
#define CSB_WRITE(csb, field, v) (put_user(v, &csb->field))
#else /* ! linux */
-#define CSB_READ(csb, field, r) (r = fuword32(&csb->field))
-#define CSB_WRITE(csb, field, v) (suword32(&csb->field, v))
+#define CSB_READ(csb, field, r) do { \
+ int32_t v __diagused; \
+ \
+ v = fuword32(&csb->field); \
+ KASSERT(v != -1, ("%s: fuword32 failed", __func__)); \
+ r = v; \
+} while (0)
+#define CSB_WRITE(csb, field, v) do { \
+ int error __diagused; \
+ \
+ error = suword32(&csb->field, v); \
+ KASSERT(error == 0, ("%s: suword32 failed", __func__)); \
+} while (0)
#endif /* ! linux */
/* some macros that may not be defined */