Lots of pedantic error checking in Palacios proper, especially for memory

[palacios.git] / palacios / src / devices / ramdisk.c

diff --git a/palacios/src/devices/ramdisk.c b/palacios/src/devices/ramdisk.c
index 9a2e716..c8f9639 100644 (file)
--- a/palacios/src/devices/ramdisk.c
+++ b/palacios/src/devices/ramdisk.c
@@ -21,7 +21,7 @@
 #include <palacios/vmm_dev_mgr.h>
 
 
-#ifndef CONFIG_DEBUG_RAMDISK
+#ifndef V3_CONFIG_DEBUG_RAMDISK
 #undef PrintDebug
 #define PrintDebug(fmt, args...)
 #endif
@@ -37,6 +37,12 @@ static int read(uint8_t * buf, uint64_t lba, uint64_t num_bytes, void * private_
 
     PrintDebug("Reading %d bytes from %p to %p\n", (uint32_t)num_bytes, (uint8_t *)(disk->disk_image + lba), buf);
 
+    if (lba + num_bytes > disk->capacity) {
+       PrintError("read out of bounds:  lba=%llu (%p), num_bytes=%llu, capacity=%d (%p)\n", 
+                  lba, (void *)(addr_t)lba, num_bytes, disk->capacity, (void *)(addr_t)disk->capacity);
+       return -1;
+    }
+
     memcpy(buf, (uint8_t *)(disk->disk_image + lba), num_bytes);
 
     return 0;
@@ -48,6 +54,13 @@ static int write(uint8_t * buf, uint64_t lba, uint64_t num_bytes, void * private
 
     PrintDebug("Writing %d bytes from %p to %p\n", (uint32_t)num_bytes,  buf, (uint8_t *)(disk->disk_image + lba));
 
+    if (lba + num_bytes > disk->capacity) {
+       PrintError("write out of bounds: lba=%llu (%p), num_bytes=%llu, capacity=%d (%p)\n", 
+                  lba, (void *)(addr_t)lba, num_bytes, disk->capacity, (void *)(addr_t)disk->capacity);
+       return -1;
+    }
+
+
     memcpy((uint8_t *)(disk->disk_image + lba), buf, num_bytes);
 
     return 0;
@@ -72,34 +85,29 @@ static struct v3_dev_blk_ops blk_ops = {
 
 
 
-static int disk_free(struct vm_device * dev) {
+static int disk_free(struct disk_state * state) {
+
+    V3_Free(state);
     return 0;
 }
 
 static struct v3_device_ops dev_ops = {
-    .free = disk_free,
-    .reset = NULL,
-    .start = NULL,
-    .stop = NULL,
+    .free = (int (*)(void *))disk_free,
 };
 
 
 
 
-static int disk_init(struct guest_info * vm, v3_cfg_tree_t * cfg) {
+static int disk_init(struct v3_vm_info * vm, v3_cfg_tree_t * cfg) {
     struct disk_state * disk = NULL;
     struct v3_cfg_file * file = NULL;
-    char * name = v3_cfg_val(cfg, "name");
+    char * dev_id = v3_cfg_val(cfg, "ID");
     char * filename = v3_cfg_val(cfg, "file");
 
     v3_cfg_tree_t * frontend_cfg = v3_cfg_subtree(cfg, "frontend");
 
-    disk = (struct disk_state *)V3_Malloc(sizeof(struct disk_state));
-    memset(disk, 0, sizeof(struct disk_state));
-
-
     if (!filename) {
-       PrintError("Missing filename (%s) for %s\n", filename, name);
+       PrintError("Missing filename (%s) for %s\n", filename, dev_id);
        return -1;
     }
 
@@ -110,22 +118,36 @@ static int disk_init(struct guest_info * vm, v3_cfg_tree_t * cfg) {
        return -1;
     }
 
+
+    disk = (struct disk_state *)V3_Malloc(sizeof(struct disk_state));
+
+    if (!disk) {
+       PrintError("Cannot allocate in init\n");
+       return -1;
+    }
+
+    memset(disk, 0, sizeof(struct disk_state));
+
     disk->disk_image = file->data;
     disk->capacity = file->size;
     PrintDebug("Registering RAMDISK at %p (size=%d)\n", 
               (void *)file->data, (uint32_t)file->size);
 
-    struct vm_device * dev = v3_allocate_device(name, &dev_ops, disk);
 
-    if (v3_attach_device(vm, dev) == -1) {
-       PrintError("Could not attach device %s\n", name);
+    struct vm_device * dev = v3_add_device(vm, dev_id, &dev_ops, disk);
+
+    if (dev == NULL) {
+       PrintError("Could not attach device %s\n", dev_id);
+       V3_Free(disk);
        return -1;
     }
 
+
     if (v3_dev_connect_blk(vm, v3_cfg_val(frontend_cfg, "tag"), 
                           &blk_ops, frontend_cfg, disk) == -1) {
        PrintError("Could not connect %s to frontend %s\n", 
-                  name, v3_cfg_val(frontend_cfg, "tag"));
+                  dev_id, v3_cfg_val(frontend_cfg, "tag"));
+       v3_remove_device(dev);
        return -1;
     }