From 4616f540dfd4f902a9603264be636d291986abaa Mon Sep 17 00:00:00 2001 From: Norman Feske Date: Tue, 16 Jun 2015 15:19:15 +0200 Subject: [PATCH] report_rom: clear stale content When replacing a report with a smaller one, the corresponding ROM dataspace should not contain any traces of the old report. Otherwise, the consumer of the ROM dataspace may mistake the stale content as meaningful information. This is particularly annoying when manually inspecting reports. This patch overwrites the stale content with zeros. --- repos/os/src/server/report_rom/rom_service.h | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/repos/os/src/server/report_rom/rom_service.h b/repos/os/src/server/report_rom/rom_service.h index e0320d0fe9..a73bdc9904 100644 --- a/repos/os/src/server/report_rom/rom_service.h +++ b/repos/os/src/server/report_rom/rom_service.h @@ -41,6 +41,8 @@ class Rom::Session_component : public Genode::Rpc_object, Lazy_volatile_object _ds; + size_t _content_size = 0; + Genode::Signal_context_capability _sigh; public: @@ -65,7 +67,7 @@ class Rom::Session_component : public Genode::Rpc_object, _ds.construct(env()->ram_session(), _module.size()); /* fill dataspace content with report contained in module */ - _module.read_content(_ds->local_addr(), _ds->size()); + _content_size = _module.read_content(_ds->local_addr(), _ds->size()); /* cast RAM into ROM dataspace capability */ Dataspace_capability ds_cap = static_cap_cast(_ds->cap()); @@ -78,7 +80,16 @@ class Rom::Session_component : public Genode::Rpc_object, if (!_ds.is_constructed() || _module.size() > _ds->size()) return false; - _module.read_content(_ds->local_addr(), _ds->size()); + size_t const new_content_size = + _module.read_content(_ds->local_addr(), _ds->size()); + + /* clear difference between old and new content */ + if (new_content_size < _content_size) + Genode::memset(_ds->local_addr() + new_content_size, 0, + _content_size - new_content_size); + + _content_size = new_content_size; + return true; }