1. Patchew
  2. Xen
  3. View series

[Xen-devel] [PATCH v4] xen/arm: domain_build: harden make_cpus_node()

Stefano Stabellini posted 1 patch 4 years, 6 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/xen tags/patchew/20191010004211.31017-1-sstabellini@kernel.org
xen/arch/arm/domain_build.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
[Xen-devel] [PATCH v4] xen/arm: domain_build: harden make_cpus_node()
Posted by Stefano Stabellini 4 years, 6 months ago 
make_cpus_node() is using a static buffer to generate the FDT node name.
While mpdir_aff is a 64-bit integer, we only ever use the bits [23:0] as
only AFF{0, 1, 2} are supported for now.

To avoid any potential issues in the future, check that mpdir_aff has
only bits [23:0] set.

Take the opportunity to reduce the size of the buffer. Indeed, only 8
characters are needed to print a 32-bit hexadecimal number. So
sizeof("cpu@") + 8 + 1 (for '\0') = 13 characters is sufficient.

Fixes: c81a791d34 (xen/arm: Set 'reg' of cpu node for dom0 to match MPIDR's affinity)
Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>
---
Changes in v4:
- commit message
- in-code comments

Changes in v3:
- make sure only [23:0] bits are used in mpidr_aff
- clarify that we only need 32bit for buf writes

Changes in v2:
- patch added
---
 xen/arch/arm/domain_build.c | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

diff --git a/xen/arch/arm/domain_build.c b/xen/arch/arm/domain_build.c
index 921b054520..38adb6e954 100644
--- a/xen/arch/arm/domain_build.c
+++ b/xen/arch/arm/domain_build.c
@@ -788,8 +788,8 @@ static int __init make_cpus_node(const struct domain *d, void *fdt)
     unsigned int cpu;
     const void *compatible = NULL;
     u32 len;
-    /* Placeholder for cpu@ + a 32-bit number + \0 */
-    char buf[15];
+    /* Placeholder for cpu@ + a 32-bit hexadecimal number + \0 */
+    char buf[13];
     u32 clock_frequency;
     bool clock_valid;
     uint64_t mpidr_aff;
@@ -847,11 +847,26 @@ static int __init make_cpus_node(const struct domain *d, void *fdt)
          * the MPIDR's affinity bits. We will use AFF0 and AFF1 when
          * constructing the reg value of the guest at the moment, for it
          * is enough for the current max vcpu number.
+         *
+         * We only deal with AFF{0, 1, 2} stored in bits [23:0] at the
+         * moment.
          */
         mpidr_aff = vcpuid_to_vaffinity(cpu);
+        if ( (mpidr_aff & ~GENMASK_ULL(23, 0)) != 0 )
+        {
+            printk(XENLOG_ERR "Unable to handle MPIDR AFFINITY 0x%"PRIx64"\n", 
+                   mpidr_aff);
+            return -EINVAL;
+        }
+
         dt_dprintk("Create cpu@%"PRIx64" (logical CPUID: %d) node\n",
                    mpidr_aff, cpu);
 
+        /*
+         * We use PRIx64 because mpidr_aff is a 64bit integer. However,
+         * only bits [23:0] are used, thus, we are sure it will fit in
+         * buf.
+         */
         snprintf(buf, sizeof(buf), "cpu@%"PRIx64, mpidr_aff);
         res = fdt_begin_node(fdt, buf);
         if ( res )
-- 
2.17.1


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
Re: [Xen-devel] [PATCH v4] xen/arm: domain_build: harden make_cpus_node()
Posted by Jürgen Groß 4 years, 6 months ago 
On 10.10.19 02:42, Stefano Stabellini wrote:
> make_cpus_node() is using a static buffer to generate the FDT node name.
> While mpdir_aff is a 64-bit integer, we only ever use the bits [23:0] as
> only AFF{0, 1, 2} are supported for now.
> 
> To avoid any potential issues in the future, check that mpdir_aff has
> only bits [23:0] set.
> 
> Take the opportunity to reduce the size of the buffer. Indeed, only 8
> characters are needed to print a 32-bit hexadecimal number. So
> sizeof("cpu@") + 8 + 1 (for '\0') = 13 characters is sufficient.
> 
> Fixes: c81a791d34 (xen/arm: Set 'reg' of cpu node for dom0 to match MPIDR's affinity)
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>

Release-acked-by: Juergen Gross <jgross@suse.com>


Juergen

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
Re: [Xen-devel] [PATCH v4] xen/arm: domain_build: harden make_cpus_node()
Posted by Julien Grall 4 years, 6 months ago 
Hi Stefano,

On 10/10/19 1:42 AM, Stefano Stabellini wrote:
> make_cpus_node() is using a static buffer to generate the FDT node name.
> While mpdir_aff is a 64-bit integer, we only ever use the bits [23:0] as
> only AFF{0, 1, 2} are supported for now.
> 
> To avoid any potential issues in the future, check that mpdir_aff has
> only bits [23:0] set.
> 
> Take the opportunity to reduce the size of the buffer. Indeed, only 8
> characters are needed to print a 32-bit hexadecimal number. So
> sizeof("cpu@") + 8 + 1 (for '\0') = 13 characters is sufficient.
> 
> Fixes: c81a791d34 (xen/arm: Set 'reg' of cpu node for dom0 to match MPIDR's affinity)
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>

Reviewed-by: Julien Grall <julien.grall@arm.com>

Cheers,

-- 
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.