
[PATCH] xen/arm: Fix UBSAN failure in start_xen()


  • To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Michal Orzel <michal.orzel@xxxxxxx>
  • Date: Thu, 8 Feb 2024 11:43:39 +0100
  • Cc: Michal Orzel <michal.orzel@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Thu, 08 Feb 2024 10:44:56 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

When running Xen on arm32, in a scenario where Xen is loaded at an address
such as boot_phys_offset >= 2GB, UBSAN reports the following:

(XEN) UBSAN: Undefined behaviour in arch/arm/setup.c:739:58
(XEN) pointer operation underflowed 00200000 to 86800000
(XEN) Xen WARN at common/ubsan/ubsan.c:172
(XEN) ----[ Xen-4.19-unstable  arm32  debug=y ubsan=y  Not tainted ]----
...
(XEN) Xen call trace:
(XEN)    [<0031b4c0>] ubsan.c#ubsan_epilogue+0x18/0xf0 (PC)
(XEN)    [<0031d134>] __ubsan_handle_pointer_overflow+0xb8/0xd4 (LR)
(XEN)    [<0031d134>] __ubsan_handle_pointer_overflow+0xb8/0xd4
(XEN)    [<004d15a8>] start_xen+0xe0/0xbe0
(XEN)    [<0020007c>] head.o#primary_switched+0x4/0x30

The failure is reported for the following line:
(paddr_t)(uintptr_t)(_start + boot_phys_offset)

This occurs because the compiler treats (ptr + size) with size bigger than
PTRDIFF_MAX as undefined behavior. To address this, switch to macro
virt_to_maddr(), given the future plans to eliminate boot_phys_offset.

Signed-off-by: Michal Orzel <michal.orzel@xxxxxxx>
---
 xen/arch/arm/setup.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c
index 7e28f62d09f1..424744ad5e1a 100644
--- a/xen/arch/arm/setup.c
+++ b/xen/arch/arm/setup.c
@@ -736,7 +736,7 @@ void asmlinkage __init start_xen(unsigned long 
boot_phys_offset,
 
     /* Register Xen's load address as a boot module. */
     xen_bootmodule = add_boot_module(BOOTMOD_XEN,
-                             (paddr_t)(uintptr_t)(_start + boot_phys_offset),
+                             virt_to_maddr(_start),
                              (paddr_t)(uintptr_t)(_end - _start), false);
     BUG_ON(!xen_bootmodule);
 
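Review bot: On the changed first address argument to add_boot_module(), the commit message explains why `_start + boot_phys_offset` is undefined but does not say why `virt_to_maddr(_start)` yields the same load address at this point in start_xen(). The new expression no longer derives the address from boot_phys_offset, so a sentence in the commit message, or a short comment above the call, stating that the translation of `_start` is already usable this early in boot would make the equivalence reviewable. It is also worth noting whether boot_phys_offset still has other users in start_xen() after this change, since the message mentions plans to eliminate it.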
-- 
2.25.1




 

