1 /*
2 * QEMU low level functions
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
22 * THE SOFTWARE.
23 */
24 #include "qemu/osdep.h"
25
26 /* Needed early for CONFIG_BSD etc. */
27
28 #if defined(CONFIG_MADVISE) || defined(CONFIG_POSIX_MADVISE)
29 #include <sys/mman.h>
30 #endif
31
32 #ifdef CONFIG_SOLARIS
33 #include <sys/statvfs.h>
34 /* See MySQL bug #7156 (http://bugs.mysql.com/bug.php?id=7156) for
35 discussion about Solaris header problems */
36 extern int madvise(caddr_t, size_t, int);
37 #endif
38
39 #include "qemu-common.h"
40 #include "qemu/cutils.h"
41 #include "qemu/sockets.h"
42 #include "qemu/error-report.h"
43 #include "monitor/monitor.h"
44
/*
 * Whether the host kernel was found to be in FIPS mode.  Written only by
 * fips_set_state(), read through fips_get_state(); QEMU never enables FIPS
 * mode itself, it merely records what the kernel reports.
 */
static bool fips_enabled = false;

/*
 * Hardware version string handed out by qemu_hw_version().  Defaults to the
 * build-time QEMU_HW_VERSION; qemu_set_hw_version() stores a caller-owned
 * replacement pointer (no copy is made).
 */
static const char *hw_version = QEMU_HW_VERSION;
48
/*
 * Enable (@v != 0) or disable (@v == 0) TCP_CORK on socket @fd.
 *
 * Returns the qemu_setsockopt() result where the platform defines
 * SOL_TCP and TCP_CORK; on every other platform corking is silently a
 * no-op and 0 is returned, so callers cannot rely on it having happened.
 */
int socket_set_cork(int fd, int v)
{
#if !defined(SOL_TCP) || !defined(TCP_CORK)
    /* No corking on this platform: report success without doing anything. */
    (void)fd;
    (void)v;
    return 0;
#else
    return qemu_setsockopt(fd, SOL_TCP, TCP_CORK, &v, sizeof(v));
#endif
}
57
/*
 * Turn on TCP_NODELAY (disable Nagle's algorithm) on socket @fd.
 * Returns whatever qemu_setsockopt() returns.
 */
int socket_set_nodelay(int fd)
{
    int on = 1;

    return qemu_setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on));
}
63
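/*
 * Portable madvise(2) wrapper.
 *
 * @advice is one of the QEMU_MADV_* values; QEMU_MADV_INVALID marks advice
 * the host cannot express and is rejected with EINVAL.  Hosts with neither
 * madvise() nor posix_madvise() always fail with EINVAL.
 *
 * Returns 0 on success, -1 with errno set on failure -- on every path.  The
 * posix_madvise() branch used to return its raw result, which is an errno
 * value rather than -1, so callers testing "< 0" never saw those failures;
 * it is now normalised to the same -1/errno convention.
 */
int qemu_madvise(void *addr, size_t len, int advice)
{
    if (advice == QEMU_MADV_INVALID) {
        /* The host has no equivalent of the requested QEMU_MADV_* value. */
        errno = EINVAL;
        return -1;
    }
#if defined(CONFIG_MADVISE)
    return madvise(addr, len, advice);
#elif defined(CONFIG_POSIX_MADVISE)
    {
        /*
         * posix_madvise() reports failure through its return value (an
         * errno code) and leaves errno untouched; map it onto the -1/errno
         * contract the other paths use.
         */
        int rc = posix_madvise(addr, len, advice);
        if (rc != 0) {
            errno = rc;
            return -1;
        }
        return 0;
    }
#else
    /* No madvise() facility at all on this host. */
    errno = EINVAL;
    return -1;
#endif
}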
79
80 #ifndef _WIN32
/*
 * Duplicate @fd with FD_CLOEXEC set and the file status flags requested by
 * @flags applied, emulating what open() with those flags would have done.
 *
 * O_SYNC cannot be changed after the fact with F_SETFL, so a mismatch
 * between @flags and the existing descriptor is rejected with EINVAL
 * instead of being silently ignored.  O_TRUNC, or O_CREAT|O_EXCL, truncates
 * the file exactly as open() would.
 *
 * Returns the new descriptor, or -1 with errno set; the half-configured
 * duplicate is closed on every failure path and errno is preserved across
 * that close().
 */
static int qemu_dup_flags(int fd, int flags)
{
    int newfd;
    int cur_flags;
    int saved_errno;
    bool want_truncate;

#ifdef F_DUPFD_CLOEXEC
    newfd = fcntl(fd, F_DUPFD_CLOEXEC, 0);
#else
    newfd = dup(fd);
    if (newfd != -1) {
        qemu_set_cloexec(newfd);
    }
#endif
    if (newfd == -1) {
        /* Nothing to clean up yet; errno is whatever the dup left. */
        return -1;
    }

    cur_flags = fcntl(newfd, F_GETFL);
    if (cur_flags == -1) {
        goto fail;
    }

    /* O_SYNC is fixed at open() time; refuse rather than pretend. */
    if ((flags & O_SYNC) != (cur_flags & O_SYNC)) {
        errno = EINVAL;
        goto fail;
    }

    /* Apply the status flags fcntl does let us change (O_NONBLOCK, O_APPEND, ...). */
    if (fcntl(newfd, F_SETFL, flags) == -1) {
        goto fail;
    }

    /* Mirror open(): O_TRUNC, or O_CREAT together with O_EXCL, empties the file. */
    want_truncate = (flags & O_TRUNC) != 0 ||
                    (flags & (O_CREAT | O_EXCL)) == (O_CREAT | O_EXCL);
    if (want_truncate && ftruncate(newfd, 0) == -1) {
        goto fail;
    }

    return newfd;

fail:
    saved_errno = errno;
    close(newfd);
    errno = saved_errno;
    return -1;
}
135
/*
 * Parse the numeric fd-set id that follows "/dev/fdset/" in a qemu_open()
 * path.  Delegates to qemu_parse_fd(); the caller treats -1 as invalid.
 */
static int qemu_parse_fdset(const char *param)
{
    int id = qemu_parse_fd(param);

    return id;
}
140 #endif
141
#ifndef _WIN32
/*
 * "/dev/fdset/<id>" branch of qemu_open(): hand out a duplicate of a
 * descriptor the monitor placed in fd set @id_str that is compatible with
 * @flags, and register the duplicate so qemu_close() can find it again.
 *
 * Returns the duplicate, or -1 with errno set (EINVAL for an unparsable id
 * or a failed registration; otherwise whatever the failing step left).
 */
static int qemu_open_from_fdset(const char *id_str, int flags)
{
    int64_t fdset_id = qemu_parse_fdset(id_str);
    int fd, dupfd;

    if (fdset_id == -1) {
        errno = EINVAL;
        return -1;
    }

    fd = monitor_fdset_get_fd(fdset_id, flags);
    if (fd == -1) {
        return -1;
    }

    dupfd = qemu_dup_flags(fd, flags);
    if (dupfd == -1) {
        return -1;
    }

    /* Track the duplicate so qemu_close() can unregister it again. */
    if (monitor_fdset_dup_fd_add(fdset_id, dupfd) == -1) {
        close(dupfd);
        errno = EINVAL;
        return -1;
    }

    return dupfd;
}
#endif

/*
 * open(2) wrapper that always yields a descriptor with FD_CLOEXEC set.
 *
 * A @name of the form "/dev/fdset/<id>" never touches the filesystem: on
 * POSIX hosts a descriptor from the monitor's fd set <id> compatible with
 * @flags is duplicated and registered instead, and the mode argument is
 * not consulted.  Otherwise open() is called; the optional mode argument
 * is read only when O_CREAT is in @flags.  O_CLOEXEC is used where the
 * platform has it, else FD_CLOEXEC is set after the fact.  An EINVAL
 * failure with O_DIRECT set is additionally reported as a likely lack of
 * O_DIRECT support in the filesystem.
 *
 * Returns the descriptor, or -1 with errno set.
 */
int qemu_open(const char *name, int flags, ...)
{
    int fd;
    int mode = 0;

#ifndef _WIN32
    const char *fdset_id_str;

    if (strstart(name, "/dev/fdset/", &fdset_id_str)) {
        return qemu_open_from_fdset(fdset_id_str, flags);
    }
#endif

    if (flags & O_CREAT) {
        va_list ap;

        va_start(ap, flags);
        mode = va_arg(ap, int);
        va_end(ap);
    }

#ifdef O_CLOEXEC
    fd = open(name, flags | O_CLOEXEC, mode);
#else
    fd = open(name, flags, mode);
    if (fd >= 0) {
        qemu_set_cloexec(fd);
    }
#endif

#ifdef O_DIRECT
    if (fd == -1 && errno == EINVAL && (flags & O_DIRECT)) {
        error_report("file system may not support O_DIRECT");
        errno = EINVAL; /* error_report() may have clobbered errno */
    }
#endif /* O_DIRECT */

    return fd;
}
211
/*
 * Close @fd, and when it was handed out by qemu_open() through
 * "/dev/fdset/", also drop it from the monitor's fd-set bookkeeping.
 *
 * Returns close()'s result.  The bookkeeping entry is removed only once the
 * close actually succeeded, so a failed close leaves the record in place.
 */
int qemu_close(int fd)
{
    bool from_fdset = monitor_fdset_dup_fd_find(fd) != -1;
    int ret = close(fd);

    if (from_fdset && ret == 0) {
        monitor_fdset_dup_fd_remove(fd);
    }

    return ret;
}
231
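/*
 * write(2) that keeps going until the whole buffer has been written.
 *
 * Returns the number of bytes actually transferred.  That is @count unless
 * write() failed, in which case errno describes the failure and the return
 * value is short.  EINTR is retried transparently.
 *
 * Not suitable for non-blocking descriptors: the only options there would
 * be to return a short write (which contradicts the name) or to spin on
 * EAGAIN.
 */
ssize_t qemu_write_full(int fd, const void *buf, size_t count)
{
    /*
     * Walk the buffer through a char pointer: arithmetic on a void * is a
     * GNU extension, not ISO C.
     */
    const char *cursor = buf;
    ssize_t total = 0;

    while (count > 0) {
        ssize_t n = write(fd, cursor, count);

        if (n < 0) {
            if (errno == EINTR) {
                continue;
            }
            break; /* real error: errno is set, return what got through */
        }

        cursor += n;
        count -= n;
        total += n;
    }

    return total;
}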
263
/*
 * socket(2) that returns a descriptor with FD_CLOEXEC already set.
 *
 * Prefers the atomic SOCK_CLOEXEC type flag.  If the kernel rejects that
 * with EINVAL (presumably because it predates the flag) a plain socket()
 * is tried and FD_CLOEXEC is set afterwards with qemu_set_cloexec(); note
 * that on this fallback path there is a window between the two calls in
 * which a concurrently fork()ed child could inherit the descriptor.  Any
 * other failure is returned unchanged.
 */
int qemu_socket(int domain, int type, int protocol)
{
    int fd;

#ifdef SOCK_CLOEXEC
    fd = socket(domain, type | SOCK_CLOEXEC, protocol);
    if (fd != -1 || errno != EINVAL) {
        return fd;
    }
    /* EINVAL: SOCK_CLOEXEC not understood here, retry without it. */
#endif
    fd = socket(domain, type, protocol);
    if (fd != -1) {
        qemu_set_cloexec(fd);
    }

    return fd;
}
284
/*
 * accept(2) that returns a connection descriptor with FD_CLOEXEC set.
 *
 * Uses accept4(SOCK_CLOEXEC) when the build found it; if the running kernel
 * lacks the syscall (ENOSYS) it falls back to accept() followed by
 * qemu_set_cloexec().  On that fallback there is a window between the two
 * calls in which a concurrently fork()ed child could inherit the
 * descriptor.  Any other accept4() failure is returned unchanged.
 */
int qemu_accept(int s, struct sockaddr *addr, socklen_t *addrlen)
{
    int fd;

#ifdef CONFIG_ACCEPT4
    fd = accept4(s, addr, addrlen, SOCK_CLOEXEC);
    if (fd != -1 || errno != ENOSYS) {
        return fd;
    }
    /* ENOSYS: no accept4() in this kernel, use the two-step variant. */
#endif
    fd = accept(s, addr, addrlen);
    if (fd != -1) {
        qemu_set_cloexec(fd);
    }

    return fd;
}
305
/*
 * Replace the hardware version string returned by qemu_hw_version().
 *
 * Only the pointer is stored, not a copy: @version must stay valid and
 * unchanged for as long as anything may still call qemu_hw_version().
 */
void qemu_set_hw_version(const char *version)
{
    hw_version = version;
}
310
/*
 * Current hardware version string: the build's QEMU_HW_VERSION unless
 * qemu_set_hw_version() replaced it.  The returned pointer is owned by
 * whoever set it and must not be freed by the caller.
 */
const char *qemu_hw_version(void)
{
    const char *version = hw_version;

    return version;
}
315
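/*
 * Record whether FIPS mode is in effect.
 *
 * @requested says the user asked for FIPS mode.  QEMU does not switch the
 * host into FIPS mode itself: on Linux the flag is read from the kernel's
 * /proc/sys/crypto/fips_enabled, and only when @requested is set.  If that
 * file cannot be opened, or on any non-Linux host, FIPS mode is reported
 * as disabled even though it was requested -- callers that must fail
 * closed have to check fips_get_state() afterwards.
 *
 * The state is recomputed from scratch on every call.  Previously the
 * Linux branch only ever set the flag and never cleared it, so a call with
 * @requested == false (or an unreadable procfs) left an earlier "enabled"
 * in place, unlike the non-Linux branch which always reset it.
 */
void fips_set_state(bool requested)
{
    /* Start from "disabled" so a later call cannot inherit stale state. */
    fips_enabled = false;

#ifdef __linux__
    if (requested) {
        FILE *fds = fopen("/proc/sys/crypto/fips_enabled", "r");
        if (fds != NULL) {
            /* Only the first character is examined; '1' means FIPS mode. */
            fips_enabled = (fgetc(fds) == '1');
            fclose(fds);
        }
    }
#else
    (void)requested;
#endif /* __linux__ */

#ifdef _FIPS_DEBUG
    fprintf(stderr, "FIPS mode %s (requested %s)\n",
            (fips_enabled ? "enabled" : "disabled"),
            (requested ? "enabled" : "disabled"));
#endif
}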
336
/*
 * True when fips_set_state() found the kernel in FIPS mode; false before
 * fips_set_state() has run, on non-Linux hosts, or when it was not
 * requested.
 */
bool fips_get_state(void)
{
    bool enabled = fips_enabled;

    return enabled;
}
341
#ifdef _WIN32
/* atexit() hook registered by socket_init(): tears Winsock down again. */
static void socket_cleanup(void)
{
    (void)WSACleanup();
}
#endif
348
/*
 * One-time socket subsystem initialisation.
 *
 * On Windows this starts Winsock 2.2 and arranges for WSACleanup() to run
 * at exit; a failed WSAStartup() is logged to stderr and reported as -1.
 * On every other platform there is nothing to do and 0 is returned.
 */
int socket_init(void)
{
#ifdef _WIN32
    WSADATA wsa_data;
    int rc = WSAStartup(MAKEWORD(2, 2), &wsa_data);

    if (rc != 0) {
        fprintf(stderr, "WSAStartup: %d\n", WSAGetLastError());
        return -1;
    }
    atexit(socket_cleanup);
#endif
    return 0;
}
365
#if !GLIB_CHECK_VERSION(2, 31, 0)
/*
 * Force glib into multi-threaded mode on glib < 2.31, where g_thread_init()
 * has to be called explicitly.  Without it glib takes its single-threaded
 * code paths (the g_slice allocator, for instance) and crashes once QEMU
 * starts using threads.  Runs as a constructor so it happens before main().
 */
static void __attribute__((constructor)) thread_init(void)
{
    if (g_thread_supported()) {
        return;
    }
    g_thread_init(NULL);
}
#endif
380
381 #ifndef CONFIG_IOVEC
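/*
 * Shared body of the readv()/writev() fallbacks for hosts without them.
 *
 * Processes @iov in order with plain read()/write(), one element per call,
 * retrying EINTR.  Like the real calls, the bytes transferred always form
 * a contiguous prefix of the logical buffer: the loop stops at the first
 * short transfer (including a 0-byte read, i.e. EOF) instead of moving on
 * to the next element and leaving a hole.  Zero-length elements are
 * skipped rather than issued, since a 0-byte read()/write() returns 0 and
 * would otherwise be mistaken for end-of-file.  A negative @iov_cnt is
 * rejected with EINVAL instead of being compared as a huge unsigned bound.
 *
 * Returns the total number of bytes transferred.  On an error other than
 * EINTR returns -1 only if nothing was transferred yet, otherwise the
 * partial count; errno is set in both cases.
 */
static ssize_t
readv_writev(int fd, const struct iovec *iov, int iov_cnt, bool do_write)
{
    ssize_t total = 0;
    int i;

    if (iov_cnt < 0) {
        errno = EINVAL;
        return -1;
    }

    for (i = 0; i < iov_cnt; i++) {
        size_t len = iov[i].iov_len;
        ssize_t r;

        if (len == 0) {
            continue;
        }

        do {
            r = do_write ? write(fd, iov[i].iov_base, len)
                         : read(fd, iov[i].iov_base, len);
        } while (r < 0 && errno == EINTR);

        if (r < 0) {
            /* Some "other" error: report -1 only if no data was moved yet. */
            if (total == 0) {
                total = -1;
            }
            break;
        }

        total += r;
        if ((size_t)r < len) {
            /* Short transfer or EOF: stop so the result stays contiguous. */
            break;
        }
    }

    return total;
}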
410
/* readv(2) replacement for hosts without it; see readv_writev(). */
ssize_t
readv(int fd, const struct iovec *iov, int iov_cnt)
{
    const bool do_write = false;

    return readv_writev(fd, iov, iov_cnt, do_write);
}
416
/* writev(2) replacement for hosts without it; see readv_writev(). */
ssize_t
writev(int fd, const struct iovec *iov, int iov_cnt)
{
    const bool do_write = true;

    return readv_writev(fd, iov, iov_cnt, do_write);
}
422 #endif