[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 1/2] x86: drop "index" parameter from get_free_pirq()



>>> On 05.09.12 at 14:36, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote:
> On 05/09/12 13:24, Jan Beulich wrote:
>> @@ -71,7 +71,7 @@ static int physdev_hvm_map_pirq(
>>          else
>>          {
>>              if ( *pirq < 0 )
>> -                *pirq = get_free_pirq(d, type, *index);
>> +                *pirq = get_free_pirq(d, type);
>>              ret = map_domain_emuirq_pirq(d, *pirq, *index);
> 
> 
> Relatedly (and I had already noticed this but not got round to making a
> patch because of other more urgent bugs)
> 
> You still have a chance here of passing an error into
> map_domain_emuirq_pirq, in the pirq value.  This is not a security issue
> as map_domain_emuirq_pirq does range check pirq, but may turn into a
> problem if the implementation of map_domain_emuirq_pirq changes.  I
> would say that for correctness sake, physdev_hvm_map_pirq() should range
> check get_free_pirq(), even if this will lead to a double range check of
> the value.

Yes, that would be more clean.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.