[v2] xen/sched: fix sched_move_domain() for domain without vcpus

[PATCH v2] xen/sched: fix sched_move_domain() for domain without vcpus

Posted by Juergen Gross 2 years, 7 months ago

In case a domain is created with a cpupool other than Pool-0 specified
it will be moved to that cpupool before any vcpus are allocated.

This will lead to a NULL pointer dereference in sched_move_domain().

Fix that by tolerating vcpus not being allocated yet.

Fixes: 70fadc41635b9b6 ("xen/cpupool: support moving domain between cpupools with different granularity")
Reported-by: Bertrand Marquis <bertrand.marquis@arm.com>
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V2:
- Only test for vcpu[0] not being present (Jan Beulich)
---
 xen/common/sched/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xen/common/sched/core.c b/xen/common/sched/core.c
index 8d178baf3d..8f4b1ca10d 100644
--- a/xen/common/sched/core.c
+++ b/xen/common/sched/core.c
@@ -651,7 +651,7 @@ int sched_move_domain(struct domain *d, struct cpupool *c)
     struct scheduler *old_ops = dom_scheduler(d);
     void *old_domdata;
     unsigned int gran = cpupool_get_granularity(c);
-    unsigned int n_units = DIV_ROUND_UP(d->max_vcpus, gran);
+    unsigned int n_units = d->vcpu[0] ? DIV_ROUND_UP(d->max_vcpus, gran) : 0;
     int ret = 0;
 
     for_each_vcpu ( d, v )
-- 
2.26.2

Re: [PATCH v2] xen/sched: fix sched_move_domain() for domain without vcpus

Posted by Dario Faggioli 2 years, 7 months ago

On Wed, 2021-09-08 at 15:04 +0200, Juergen Gross wrote:
> In case a domain is created with a cpupool other than Pool-0
> specified
> it will be moved to that cpupool before any vcpus are allocated.
> 
> This will lead to a NULL pointer dereference in sched_move_domain().
> 
> Fix that by tolerating vcpus not being allocated yet.
> 
> Fixes: 70fadc41635b9b6 ("xen/cpupool: support moving domain between
> cpupools with different granularity")
> Reported-by: Bertrand Marquis <bertrand.marquis@arm.com>
> Signed-off-by: Juergen Gross <jgross@suse.com>
>
Reviewed-by: Dario Faggioli <dfaggioli@suse.com>

Regards
-- 
Dario Faggioli, Ph.D
http://about.me/dario.faggioli
Virtualization Software Engineer
SUSE Labs, SUSE https://www.suse.com/
-------------------------------------------------------------------
<<This happens because _I_ choose it to happen!>> (Raistlin Majere)

Re: [PATCH v2] xen/sched: fix sched_move_domain() for domain without vcpus

Posted by Luca Fancellu 2 years, 7 months ago


> On 8 Sep 2021, at 14:04, Juergen Gross <jgross@suse.com> wrote:
> 
> In case a domain is created with a cpupool other than Pool-0 specified
> it will be moved to that cpupool before any vcpus are allocated.
> 
> This will lead to a NULL pointer dereference in sched_move_domain().
> 
> Fix that by tolerating vcpus not being allocated yet.
> 
> Fixes: 70fadc41635b9b6 ("xen/cpupool: support moving domain between cpupools with different granularity")
> Reported-by: Bertrand Marquis <bertrand.marquis@arm.com>
> Signed-off-by: Juergen Gross <jgross@suse.com>

Reviewed-by: Luca Fancellu <Luca.fancellu@arm.com>

> ---
> V2:
> - Only test for vcpu[0] not being present (Jan Beulich)
> ---
> xen/common/sched/core.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/xen/common/sched/core.c b/xen/common/sched/core.c
> index 8d178baf3d..8f4b1ca10d 100644
> --- a/xen/common/sched/core.c
> +++ b/xen/common/sched/core.c
> @@ -651,7 +651,7 @@ int sched_move_domain(struct domain *d, struct cpupool *c)
>     struct scheduler *old_ops = dom_scheduler(d);
>     void *old_domdata;
>     unsigned int gran = cpupool_get_granularity(c);
> -    unsigned int n_units = DIV_ROUND_UP(d->max_vcpus, gran);
> +    unsigned int n_units = d->vcpu[0] ? DIV_ROUND_UP(d->max_vcpus, gran) : 0;
>     int ret = 0;
> 
>     for_each_vcpu ( d, v )
> -- 
> 2.26.2
> 
>