[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/arm: Avoid integer overflow using MIDR_IMPLEMENTOR_MASK


  • To: Julien Grall <julien@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Fri, 25 Feb 2022 10:59:35 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=giFSduqJwy6ndyW6qpqhP1uaYgu3qzCTMZTFL2CquC0=; b=aLGCoyIcaS9BB2qehNxr5z4pA8qM+8lTc/pz6z8VJ9KP12WU77x3VDqww5dkLeJ/OxHRshJgL8R73QdmkxRAW47oOIUL6R3a3474SjkbuidCZIs9EdahYGmuC6BmoyRMvgIAr/SODPYAdsy/FxJCbpePwLSO03tm5SmKCs61EbTvlJGjIT6I1YLEQ0VQZrGfMBK22psxbXltzVGYxMqbTYEgaZi74oR0vDIukqX73sJZLxclDo0HLOOikwWlw+0FR6mSRG9gVZlu+hIjK/waAlLGNnAPVCc5rOsHWxU5nr0lJFpildxpM1JRwMk6mjXDOM82t8QRWGCY8j7TY4ymEg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iyYWVygn9zrEnnHj670I+xMM078Mce7gbZaH/MN3GTppMKmBIKZBQi/S+KOOU5jycwAsEMSWgSDNQMwYEj8eIzWS4Qhj+l8AjFbt5ZFGjz8AfkVcAY/lCJfCZkTyF3IiA46jVBLwLBZr8pVZOJIMMf5v/Q5CoW/7YwbB+YoHR2iyVdQ+T6ejViKau7y3LJyJHWtrU2l56HVHnH5CQ0dBoqzb1V2Dj/pxqM7sh+Ama1gMLTd+Rc8UkNy07r+z1CBMuFwKqr+yc1Zt44gz9PV3kf35WZCkrP8jIF1osuqcmlaQ72zWBn0Bil66zh736inCml5+8c6ZWGFtlDREB3yFyA==
  • Authentication-results: esa4.hc3370-68.iphmx.com; dkim=pass (signature verified) header.i=@citrix.onmicrosoft.com
  • Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Fri, 25 Feb 2022 10:59:49 +0000
  • Ironport-data: A9a23:a9SNCq+X+IrpkVwbtCOMDrUDaH6TJUtcMsCJ2f8bNWPcYEJGY0x3n 2AcC2uHOv3eamPzKtlyatvl/UhX7MTVydZnHAM5qC88E34SpcT7XtnIdU2Y0wF+jyHgoOCLy +1EN7Es+ehtFie0Si+Fa+Sn9T8mvU2xbuKU5NTsY0idfic5DnZ54f5fs7Rh2NQw24LkW1nlV e7a+KUzBnf0g1aYDUpMg06zgEsHUCPa4W5wUvQWPJinjXeG/5UnJMt3yZKZdhMUdrJ8DO+iL 9sv+Znilo/vE7XBPfv++lrzWhVirrc/pmFigFIOM0SpqkAqSiDfTs/XnRfTAKtao2zhojx/9 DlCnazgFwckYo7pouZHa0FZLRxMEvdov7CSdBBTseTLp6HHW37lwvEoB0AqJ4wIvO1wBAmi9 9RBdmpLNErawbvrnvTrEYGAhex6RCXvFKoZtmtt0nfyCvE+TIqYa67L+cVZzHE7gcUm8fP2O ZVDNWQ+Nk6ojxtnBWw2E6IDmvyT22DmNBJVqUPLhq0X/D2GpOB2+Oe0a4eEEjCQfu1OhVqRr G/C+2X/AzkZOcaZxD7D9Wij7sfFkDnnQosUGPu9/+RznVyI7mUJDVsdUl7Tice+jkmyStdOM Xs+8yAlrbUx3EGzR9y7VBq9yFaGoxodVtx4A+A8rgaXxcL85geSBmEACDlbetEinMYsQHoh0 Vrht8PkA3ljvaOYTVqZ96yItnWiNC4NN2gAaCQYCwwf7LHeTJob10yVCIw5Sejs04OzSWqYL y22QDYWt+VNjcNX9ICB/wr/2zOSm6rmFCBy6VCCNo661T9RaImgbo2uzFHU6/dcMYqUJmW8U Gg4d9u2t75XU8zU/MCZaKBURezyua7ZWNHJqQM3R/EcGyKRF2lPlGy6yBV3Pw9XP8kNYlcFi 2eD6FoKtPe/0JZHBJKbgr5d6ex2nMAM9vy/D5g4i+aihLArJWdrGwk0OCatM5jFyhRErE3GE c7znTyQJXgbE7976zG9Wv0Q17Qmrghnmz+OGsyik0n/ieLGDJJwdVvjGAHfBgzexPnZyDg5D v4Fb5fao/mheLeWjtbrHX47cglRcClT6WHeoM1LbO+TSjeK60l6Y8I9NYgJItQ/94wMz7+g1 ijkBidwlQqu7VWaeF7iQi0yN9vSsWNX8CtT0doEZg3zhRDOoO+Hsc8iSnfAVeJ/pbw7kKUtF KFtlgfpKq0ndwkrMg81NPHVhIdjaA6qlUSJOS+kayI4ZJluW0rC/dqMQ+cl3HNm4vaf3Sfmn 4Cd6w==
  • Ironport-hdrordr: A9a23:EgWR1K1zkjSqm+2r1AbfkAqjBRxyeYIsimQD101hICG9Lfb2qy n+ppgmPEHP5Qr5AEtQ5OxpOMG7MBbhHQYc2/hfAV7QZnibhILOFvAt0WKC+UytJ8SazIBgPM hbAtFD4bHLfDtHZIPBkXOF+rUbsZi6GcKT9J/jJh5WJGkAAcAB0+46MHfhLqQffngcOXNTLu v52iMznUvHRZ1hVLXdOpBqZZmgm/T70LbdJTIWDR8u7weDyRmy7qThLhSe1hACFxtS3LYL6w H+4kzEz5Tml8v+5g7X1mfV4ZgTssDm0MF/CMuFjdVQAinwizyveJ9qV9S5zXMISaCUmRQXee v30lMd1vdImjTsl6aO0F3QMjzboXMTArnZuAalaDXY0JTErXkBerV8bMpiA2XkAgwbzYtBOe twrhKkX9A8N2KwoA3to9fPTB1kjUyyvD4rlvMSlWVWVc8EZKZWtpF3xjIfLH4sJlOy1GkcKp gnMCgc3ocjTXqKK3TC+mV/yt2lWXo+Wh+AX0gZo8SQlzxbhmpwwUcUzNEW2i5ozuNxd7BUo+ Dfdqh4nrBHScEbKap7GecaWMOyTmjAWwjFPm6eKUnuUKsHJ3XOoZjq56hd3pDhRLUYiJ8p3J jRWlJRsmA/P0roFM2VxZVOtgvARW2sNA6dvP22J6IJzYEUaICbQxFrEmpe4PdIi89vd/HmZw ==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYKiNA8xx4cBmUbUiQd1elipGwDaykF/IAgAABUgA=
  • Thread-topic: [PATCH] xen/arm: Avoid integer overflow using MIDR_IMPLEMENTOR_MASK

On 25/02/2022 10:54, Julien Grall wrote:
> Hi Michal,
>
> On 25/02/2022 08:38, Michal Orzel wrote:
>> Value of macro MIDR_IMPLEMENTOR_MASK exceeds the range of integer
>> and can lead to overflow. Currently there is no issue as it is used
>> in an expression implicitly casted to u32 in MIDR_IS_CPU_MODEL_RANGE.
>> To avoid possible problems, fix the macro.
>
> Correct me if I am wrong, it sounds like this is only for hardening
> purpose at the moment.
>
> As this code is coming from Linux, I would prefer if we first upstream
> to Linux and then port to Xen once merged.

Well.  The expression is undefined behaviour in C, because of shifting
into the sign bit.

In principle, the compiler is free to optimise is_affected_midr_range()
to "return true" as a consequence, even if compilers tend not to be that
malicious.

~Andrew

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.