From 7b336789c79e369956d0b29c27d3355da46e3002 Mon Sep 17 00:00:00 2001 From: Julien Grall Date: Tue, 2 Apr 2019 17:42:35 +0100 Subject: [PATCH] xen/console: Properly buffer domU output when using CONSOLEIO_write The output will be buffered if the buffer provided by the DomU does not contain a newline. This can also happen if buffer provided by DomU is split in multiple part (Xen can only process 127 characters at the time). As Xen will remove any non-printable characters, the output buffer may be smaller than the buffer provided. However, Xen will buffer using the original length. This means that the NUL character and garbagge will be copied in the internal buffer. Once the newline is found or the internal buffer is full, only part of the internal buffer will end up to be printed. An easy way to reproduce it is: HYPERVISOR_consoleio(CONSOLEIO_write, "\33", 1); HYPERVISOR_consoleio(CONSOLEIO_write, "d", 1); HYPERVISOR_consoleio(CONSOLEIO_write, "\n", 1); In the current code, the character 'd' will not be printed. This problem can be solved by computing the size of the output buffer (i.e the buffer without the non-printable characters). Signed-off-by: Julien Grall Acked-by: Wei Liu --- xen/drivers/char/console.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/xen/drivers/char/console.c b/xen/drivers/char/console.c index 5f0f54201b..9bbcb0f57a 100644 --- a/xen/drivers/char/console.c +++ b/xen/drivers/char/console.c @@ -592,11 +592,11 @@ static long guest_console_write(XEN_GUEST_HANDLE_PARAM(char) buffer, int count) guest_printk(cd, XENLOG_G_DEBUG "%s%s\n", cd->pbuf, kbuf); cd->pbuf_idx = 0; } - else if ( cd->pbuf_idx + kcount < (DOMAIN_PBUF_SIZE - 1) ) + else if ( cd->pbuf_idx + (kout - kbuf) < (DOMAIN_PBUF_SIZE - 1) ) { /* buffer the output until a newline */ - memcpy(cd->pbuf + cd->pbuf_idx, kbuf, kcount); - cd->pbuf_idx += kcount; + memcpy(cd->pbuf + cd->pbuf_idx, kbuf, kout - kbuf); + cd->pbuf_idx += (kout - kbuf); } else { -- 2.39.5