vmm: Consolidate VM name length checking

vm_create() is only called from one place.  Rather than having similar
checks everywhere, move them to vmmdev_create().

We can safely assume that the name is nul-terminated, the vmmctl ioctl
handler and the legacy sysctl handler ensure this.  So, don't bother
with strnlen().

Finally, make sure that the name buffers are the same size on all
platforms.  VM_MAX_NAMELEN is supposed to be the maximum, not including
the nul terminator.

Reviewed by:	corvink
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D53422

Author: markjdb

sys/amd64/include/vmm.h

@@ -122,33 +122,7 @@ enum x2apic_state {
 #define	VM_INTINFO_HWEXCEPTION	(3 << 8)
 #define	VM_INTINFO_SWINTR	(4 << 8)
 
-/*
- * The VM name has to fit into the pathname length constraints of devfs,
- * governed primarily by SPECNAMELEN.  The length is the total number of
- * characters in the full path, relative to the mount point and not
- * including any leading '/' characters.
- * A prefix and a suffix are added to the name specified by the user.
- * The prefix is usually "vmm/" or "vmm.io/", but can be a few characters
- * longer for future use.
- * The suffix is a string that identifies a bootrom image or some similar
- * image that is attached to the VM. A separator character gets added to
- * the suffix automatically when generating the full path, so it must be
- * accounted for, reducing the effective length by 1.
- * The effective length of a VM name is 229 bytes for FreeBSD 13 and 37
- * bytes for FreeBSD 12.  A minimum length is set for safety and supports
- * a SPECNAMELEN as small as 32 on old systems.
- */
-#define VM_MAX_PREFIXLEN 10
-#define VM_MAX_SUFFIXLEN 15
-#define VM_MIN_NAMELEN   6
-#define VM_MAX_NAMELEN \
-    (SPECNAMELEN - VM_MAX_PREFIXLEN - VM_MAX_SUFFIXLEN - 1)
-
 #ifdef _KERNEL
-#include <sys/kassert.h>
-
-CTASSERT(VM_MAX_NAMELEN >= VM_MIN_NAMELEN);
-
 struct vm;
 struct vm_exception;
 struct vm_mem;

sys/amd64/include/vmm_dev.h

@@ -34,6 +34,8 @@
 #include <machine/vmm.h>
 #include <machine/vmm_snapshot.h>
 
+#include <dev/vmm/vmm_param.h>
+
 struct vm_memmap {
 	vm_paddr_t	gpa;
 	int		segid;		/* memory segment */

sys/amd64/vmm/vmm.c

@@ -523,10 +523,6 @@ vm_create(const char *name, struct vm **retvm)
 	struct vm *vm;
 	int error;
 
-	if (name == NULL || strnlen(name, VM_MAX_NAMELEN + 1) ==
-	    VM_MAX_NAMELEN + 1)
-		return (EINVAL);
-
 	vm = malloc(sizeof(struct vm), M_VM, M_WAITOK | M_ZERO);
 	error = vm_mem_init(&vm->mem, 0, VM_MAXUSER_ADDRESS_LA48);
 	if (error != 0) {

sys/arm64/include/vmm.h

@@ -106,27 +106,6 @@ enum vm_reg_name {
 
 #define VM_GUEST_BASE_IPA	0x80000000UL	/* Guest kernel start ipa */
 
-/*
- * The VM name has to fit into the pathname length constraints of devfs,
- * governed primarily by SPECNAMELEN.  The length is the total number of
- * characters in the full path, relative to the mount point and not 
- * including any leading '/' characters.
- * A prefix and a suffix are added to the name specified by the user.
- * The prefix is usually "vmm/" or "vmm.io/", but can be a few characters
- * longer for future use.
- * The suffix is a string that identifies a bootrom image or some similar
- * image that is attached to the VM. A separator character gets added to
- * the suffix automatically when generating the full path, so it must be
- * accounted for, reducing the effective length by 1.
- * The effective length of a VM name is 229 bytes for FreeBSD 13 and 37
- * bytes for FreeBSD 12.  A minimum length is set for safety and supports
- * a SPECNAMELEN as small as 32 on old systems.
- */
-#define VM_MAX_PREFIXLEN 10
-#define VM_MAX_SUFFIXLEN 15
-#define VM_MAX_NAMELEN \
-    (SPECNAMELEN - VM_MAX_PREFIXLEN - VM_MAX_SUFFIXLEN - 1)
-
 #ifdef _KERNEL
 struct vm;
 struct vm_exception;

sys/arm64/include/vmm_dev.h

@@ -31,6 +31,8 @@
 
 #include <machine/vmm.h>
 
+#include <dev/vmm/vmm_param.h>
+
 struct vm_memmap {
 	vm_paddr_t	gpa;
 	int		segid;		/* memory segment */

sys/arm64/vmm/vmm.c

@@ -124,7 +124,7 @@ struct vm {
 	volatile cpuset_t suspended_cpus; 	/* (i) suspended vcpus */
 	volatile cpuset_t halted_cpus;		/* (x) cpus in a hard halt */
 	struct vm_mem	mem;			/* (i) guest memory */
-	char		name[VM_MAX_NAMELEN];	/* (o) virtual machine name */
+	char		name[VM_MAX_NAMELEN + 1];	/* (o) virtual machine name */
 	struct vcpu	**vcpu;			/* (i) guest vcpus */
 	struct vmm_mmio_region mmio_region[VM_MAX_MMIO_REGIONS];
 						/* (o) guest MMIO regions */
@@ -437,9 +437,6 @@ vm_create(const char *name, struct vm **retvm)
 	struct vm *vm;
 	int error;
 
-	if (name == NULL || strlen(name) >= VM_MAX_NAMELEN)
-		return (EINVAL);
-
 	vm = malloc(sizeof(struct vm), M_VMM, M_WAITOK | M_ZERO);
 	error = vm_mem_init(&vm->mem, 0, 1ul << 39);
 	if (error != 0) {

sys/dev/vmm/vmm_dev.c

@@ -984,6 +984,9 @@ vmmdev_create(const char *name, struct ucred *cred)
 	struct vm *vm;
 	int error;
 
+	if (name == NULL || strlen(name) > VM_MAX_NAMELEN)
+		return (EINVAL);
+
 	sx_xlock(&vmmdev_mtx);
 	sc = vmmdev_lookup(name, cred);
 	if (sc != NULL) {

sys/dev/vmm/vmm_dev.h

@@ -11,8 +11,11 @@
 
 #include <sys/types.h>
 #include <sys/ioccom.h>
+
 #include <machine/vmm_dev.h>
 
+#include <dev/vmm/vmm_param.h>
+
 #ifdef _KERNEL
 struct thread;
 struct vm;

sys/dev/vmm/vmm_param.h

@@ -0,0 +1,33 @@
+/*-
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright (c) 2011 NetApp, Inc.
+ * All rights reserved.
+ */
+
+#ifndef _DEV_VMM_PARAM_H_
+#define	_DEV_VMM_PARAM_H_
+
+/*
+ * The VM name has to fit into the pathname length constraints of devfs,
+ * governed primarily by SPECNAMELEN.  The length is the total number of
+ * characters in the full path, relative to the mount point and not
+ * including any leading '/' characters.
+ * A prefix and a suffix are added to the name specified by the user.
+ * The prefix is usually "vmm/" or "vmm.io/", but can be a few characters
+ * longer for future use.
+ * The suffix is a string that identifies a bootrom image or some similar
+ * image that is attached to the VM. A separator character gets added to
+ * the suffix automatically when generating the full path, so it must be
+ * accounted for, reducing the effective length by 1.
+ * The effective length of a VM name is 229 bytes for FreeBSD 13 and 37
+ * bytes for FreeBSD 12.  A minimum length is set for safety and supports
+ * a SPECNAMELEN as small as 32 on old systems.
+ */
+#define	VM_MAX_PREFIXLEN	10
+#define	VM_MAX_SUFFIXLEN	15
+#define	VM_MIN_NAMELEN		6
+#define	VM_MAX_NAMELEN		\
+	(SPECNAMELEN - VM_MAX_PREFIXLEN - VM_MAX_SUFFIXLEN - 1)
+
+#endif /* !_DEV_VMM_PARAM_H_ */

sys/riscv/include/vmm.h

@@ -103,9 +103,6 @@ enum vm_reg_name {
 #define	VM_INTINFO_HWEXCEPTION	(3 << 8)
 #define	VM_INTINFO_SWINTR	(4 << 8)
 
-#define	VM_MAX_NAMELEN	32
-#define VM_MAX_SUFFIXLEN 15
-
 #ifdef _KERNEL
 
 struct vm;