From nobody Tue Apr 23 09:24:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1617376896; cv=none; d=zohomail.com; s=zohoarc; b=CjeOABzYj5eqmCEkjrMZfX5esw2+o9/5CyZD9fA408F3KOz94h6mq1qm5AdEyTrhXoC7WLmnFx3GtclSrApChKtRSOZ3Jf7OKorXEmNtesAUXQ8qLqHtuFDHwDhmaHCI/d5LD62qh1Rj/EgBZnPjD1749SQAP6Gsu/D15vBJd0c= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1617376896; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:Message-ID:References:Sender:Subject:To; bh=8l2SWhRF4hXjT/n8ib3kpA3rAz6cYAQdMNmVVhQCfJc=; b=W68n6N25m1vTkzyQqIkSIQRm4+fL7WOYQmS910JooBJy+0jViaDRdQ2df040vQdQ/CJNXvV2aqTILWPV7wIFOxd6u6ZFKLw4jsiqLX6tttZfgGJTWCb1pL9OgwY9lzGR08abcmxJhZxco3Xu00fw0LZ/N+tY1h8TYEag20vDJcU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1617376896587820.4360396788283; Fri, 2 Apr 2021 08:21:36 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.104888.200887 (Exim 4.92) (envelope-from ) id 1lSLbj-0004Ss-QA; Fri, 02 Apr 2021 15:21:11 +0000 Received: by outflank-mailman (output) from mailman id 104888.200887; Fri, 02 Apr 2021 15:21:11 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lSLbj-0004Sl-Ml; Fri, 02 Apr 2021 15:21:11 +0000 Received: by outflank-mailman (input) for mailman id 104888; Fri, 02 Apr 2021 15:21:10 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lSLbi-0004Sb-Hy for xen-devel@lists.xenproject.org; Fri, 02 Apr 2021 15:21:10 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lSLbi-00009f-3w; Fri, 02 Apr 2021 15:21:10 +0000 Received: from 54-240-197-235.amazon.com ([54.240.197.235] helo=ufe34d9ed68d054.ant.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lSLbh-00050B-Qp; Fri, 02 Apr 2021 15:21:10 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=8l2SWhRF4hXjT/n8ib3kpA3rAz6cYAQdMNmVVhQCfJc=; b=sZgkbqyKP4h660FFtsmJw+U7d uaIGvr6cJxJHac3CJ7UWPOxUrkgFZx9cJLjwUMP05gOTM4RpUSF92RdZB2tKqWCZev1SdMqOuhUj5 ugMJhLkS52TzXfkeCIviCGmyFyEb/7PQ0l93y2sgniwl8KgThtDnO6trrZGAwSlv/VIKU=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: bertrand.marquis@arm.com, Julien Grall , Stefano Stabellini , Julien Grall , Volodymyr Babchuk Subject: [PATCH 1/2] xen/arm: kernel: Propagate the error if we fail to decompress the kernel Date: Fri, 2 Apr 2021 16:21:04 +0100 Message-Id: <20210402152105.29387-2-julien@xen.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210402152105.29387-1-julien@xen.org> References: <20210402152105.29387-1-julien@xen.org> X-ZohoMail-DKIM: pass (identity @xen.org) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Julien Grall Currently, we are ignoring any error from perform_gunzip() and replacing the compressed kernel with the "uncompressed" kernel. If there is a gzip failure, then it means that the output buffer may contain garbagge. So it can result to various sort of behavior that may be difficult to root cause. In case of failure, free the output buffer and propagate the error. We also need to adjust the return check for kernel_compress() as perform_gunzip() may return a positive value. Take the opportunity to adjust the code style for the check. Signed-off-by: Julien Grall --- xen/arch/arm/kernel.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/kernel.c b/xen/arch/arm/kernel.c index ab78689ed2a6..f6b60ab77355 100644 --- a/xen/arch/arm/kernel.c +++ b/xen/arch/arm/kernel.c @@ -292,6 +292,12 @@ static __init int kernel_decompress(struct bootmodule = *mod) iounmap(input); vunmap(output); =20 + if ( rc ) + { + free_domheap_pages(pages); + return rc; + } + mod->start =3D page_to_maddr(pages); mod->size =3D output_size; =20 @@ -503,7 +509,7 @@ int __init kernel_probe(struct kernel_info *info, =20 /* if it is a gzip'ed image, 32bit or 64bit, uncompress it */ rc =3D kernel_decompress(mod); - if (rc < 0 && rc !=3D -EINVAL) + if ( rc && rc !=3D -EINVAL ) return rc; =20 #ifdef CONFIG_ARM_64 --=20 2.17.1 From nobody Tue Apr 23 09:24:42 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1617376896; cv=none; d=zohomail.com; s=zohoarc; b=clAQoEx8NUBuWHulYOc0aqwi+FbBftQP4+SVYHCEd/dh1qB5rXv6dKD5LfRoyls0IuyksxpRijtTZNyqS9gjTAkdnOszWgMLFI0Pzkgvi6gIuKwPLHn/wPG7U5z1NYfuqMwDhW3xrOJD5cvv4aDQEq2+9n46tRSAXojTiwW77+w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1617376896; h=Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:Message-ID:References:Sender:Subject:To; bh=jQfOL7sF0Ax2+OqBBQai2IFHdDIfjtAQ7KE5lYnqt0Y=; b=GUQswMCTGKZmGNrvTsWwkrVMcyyGrG8N2OhABBMcE5QEUg82kYkDJimWVjU02iCXr/tW2X+KyCVhbmulUsuGvD8BAZEI2M4eGifPqwkOlNK+wQENcjqirN+Za1r/G2YCPz8rzauih3D2b6Iss5BDn5sIsx13RGoinE3qj4zc8Rw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1617376896126378.34278733231577; Fri, 2 Apr 2021 08:21:36 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.104890.200910 (Exim 4.92) (envelope-from ) id 1lSLbl-0004Uz-GG; Fri, 02 Apr 2021 15:21:13 +0000 Received: by outflank-mailman (output) from mailman id 104890.200910; Fri, 02 Apr 2021 15:21:13 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lSLbl-0004Us-Cn; Fri, 02 Apr 2021 15:21:13 +0000 Received: by outflank-mailman (input) for mailman id 104890; Fri, 02 Apr 2021 15:21:12 +0000 Received: from mail.xenproject.org ([104.130.215.37]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lSLbk-0004Ui-Nm for xen-devel@lists.xenproject.org; Fri, 02 Apr 2021 15:21:12 +0000 Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1lSLbj-00009o-PF; Fri, 02 Apr 2021 15:21:11 +0000 Received: from 54-240-197-235.amazon.com ([54.240.197.235] helo=ufe34d9ed68d054.ant.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lSLbj-00050B-EP; Fri, 02 Apr 2021 15:21:11 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=References:In-Reply-To:Message-Id:Date:Subject:Cc:To:From; bh=jQfOL7sF0Ax2+OqBBQai2IFHdDIfjtAQ7KE5lYnqt0Y=; b=gv+DsuaLbFWMDN4dwFQLxy6t+ yuFXCq5ZQAMJkrwLTwuX0Mz/MJBvTbulaBmBt1Q993VWbR+PTA8mZvm0SPlKUUtkOsmBexrEYRcY1 V4KrLOu6zWgicNymonlWP8bQMNSCMfRcu2B0/nM/rq54VdUONKLKDjvhiUF7BpzaFui2k=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: bertrand.marquis@arm.com, Julien Grall , Andrew Cooper , George Dunlap , Ian Jackson , Jan Beulich , Julien Grall , Stefano Stabellini , Wei Liu Subject: [PATCH 2/2] xen/gunzip: Allow perform_gunzip() to be called multiple times Date: Fri, 2 Apr 2021 16:21:05 +0100 Message-Id: <20210402152105.29387-3-julien@xen.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210402152105.29387-1-julien@xen.org> References: <20210402152105.29387-1-julien@xen.org> X-ZohoMail-DKIM: pass (identity @xen.org) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Julien Grall Currently perform_gunzip() can only be called once because the the internal state (e.g allocate) is not fully re-initialized. This works fine if you are only booting dom0. But this will break when booting multiple using the dom0less that uses compressed kernel images. This can be resolved by re-initializing bytes_out, malloc_ptr, malloc_count every time perform_gunzip() is called. Note the latter is only re-initialized for hardening purpose as there is no guarantee that every malloc() are followed by free() (It should in theory!). Take the opportunity to check the return of alloc_heap_pages() to return an error rather than dereferencing a NULL pointer later on failure. Reported-by: Charles Chiou Signed-off-by: Julien Grall Reviewed-by: Jan Beulich --- xen/common/gunzip.c | 5 +++++ xen/common/inflate.c | 6 ++++++ 2 files changed, 11 insertions(+) diff --git a/xen/common/gunzip.c b/xen/common/gunzip.c index db4efcd34b77..425d64e904d8 100644 --- a/xen/common/gunzip.c +++ b/xen/common/gunzip.c @@ -114,11 +114,16 @@ __init int perform_gunzip(char *output, char *image, = unsigned long image_len) window =3D (unsigned char *)output; =20 free_mem_ptr =3D (unsigned long)alloc_xenheap_pages(HEAPORDER, 0); + if ( !free_mem_ptr ) + return -ENOMEM; + free_mem_end_ptr =3D free_mem_ptr + (PAGE_SIZE << HEAPORDER); + init_allocator(); =20 inbuf =3D (unsigned char *)image; insize =3D image_len; inptr =3D 0; + bytes_out =3D 0; =20 makecrc(); =20 diff --git a/xen/common/inflate.c b/xen/common/inflate.c index f99c985d6135..d8c28a3e9593 100644 --- a/xen/common/inflate.c +++ b/xen/common/inflate.c @@ -238,6 +238,12 @@ STATIC const ush mask_bits[] =3D { static unsigned long INITDATA malloc_ptr; static int INITDATA malloc_count; =20 +static void init_allocator(void) +{ + malloc_ptr =3D free_mem_ptr; + malloc_count =3D 0; +} + static void *INIT malloc(int size) { void *p; --=20 2.17.1