[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 10/11] x86/shadow: correct shadow type bounds checks
- To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Thu, 5 Jan 2023 17:07:08 +0100
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=dOUOzfolYR+T2htvQf9ACsmsUnGdPR9fDgi+OoWIHI0=; b=Wg+B8UTW5zEDkrK57UooT4YDqKkAAv9kO63FjwiESgumJVqxqnNo3eEzJ9B/mYrN6R1S/gM6K9xJjZkIGziH6YhAc/tSyWzMccv85knW/mHkKMOLt6iLFLd85vGErOjSTq2Xv5PpPqyrHYgqojo237s7mIQO4LgTZaP5XjyY1Kpz/SbA57IooXFeoWF9oKx74+DL5KqKYVX1ofhnYp9qJ6HHLi2nS7kmmiMu1rSaowgpBu1PUAK2awRyDjAwyg9mQOkbiIVI9GbhU4P3xhxhNlYIcpPRl1JOh1QYaaqtDO1DqSrckrU4snjIbTpRxDRZGap5dAYfTItR5uyk/QOofw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=eWrIEqMbpyYPKBp72HL5f48dhXvraNwHfPslAXimjYCTBZdobp4Ly08KfFp8+86rDHZuJH8D+FLtd0bY6HUgytiWyUKZDRkef/IDjnHKv0i9hMDK/SpuwDnkf4oo3wANK9lxTXqDlssTOkNqzJcA8R/rF7xdshIloMMQ/FhjSb+KClg3LqisbR3tcYC0vCV6VQwhU+WeER1WFbNni/nkAKWLWpsKgnMKusAjHIssgr+9gipNzw9K6op3Y8LjuiarJpp+Sm20vTEaW6vD2tqXhsQ80rMjGZn7uC8c6MAY2US3Iy/mYk1hfdsj8zJrB61mXpjg14TuYfKl52QfolDC6w==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>
- Delivery-date: Thu, 05 Jan 2023 16:07:14 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
In sh_remove_shadow_via_pointer() the type range checks, besides being
bogus (should be ">= min && <= max"), are fully redundant with the has-
up-pointer assertion. In sh_hash_audit_bucket() properly use "min"
instead of assuming a certain order of type numbers.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
While style is wrong for the BUG_ON(), keep that aspect as is because of
all the neighboring ones.
--- a/xen/arch/x86/mm/shadow/common.c
+++ b/xen/arch/x86/mm/shadow/common.c
@@ -1425,7 +1425,7 @@ static void sh_hash_audit_bucket(struct
/* Not a shadow? */
BUG_ON( (sp->count_info & PGC_count_mask )!= 0 ) ;
/* Bogus type? */
- BUG_ON( sp->u.sh.type == 0 );
+ BUG_ON( sp->u.sh.type < SH_type_min_shadow );
BUG_ON( sp->u.sh.type > SH_type_max_shadow );
/* Wrong page of a multi-page shadow? */
BUG_ON( !sp->u.sh.head );
@@ -2077,8 +2077,6 @@ static int sh_remove_shadow_via_pointer(
l1_pgentry_t *vaddr;
int rc;
- ASSERT(sp->u.sh.type > 0);
- ASSERT(sp->u.sh.type < SH_type_max_shadow);
ASSERT(sh_type_has_up_pointer(d, sp->u.sh.type));
if (sp->up == 0) return 0;
|
