Xen project Mailing List

Re: [PATCH 2/5] llc-coloring: improve checking while parsing

To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Tue, 7 Apr 2026 11:30:32 +0100

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=lJmN9nmRaihS2ZFAeEmVjXKX31zk7XhTbvO4dzJ5iXY=; b=L5YRN80fgaOGCT3f83NIqq80VmjvCjKA3x00fXcDKDftKgJwc3LzBtbYY2M2QmqF22xQhVXI72U10QsIYY00AycGeeXPfWYg7vUVEut0W/8tNt66q/JKCEskTNqD+dBr/sNTKRRP01CGIBgelc/RbRKXfsvpK5tlU7rnFRUufPGylZJD2i6ZN0jyM0XXcttBhPF/o4wSGubhLLe41uBc3YHVRC/y5pP1KMdwoRc9jUmePRHIuD6wgN3pX7apkiC09kazwdBaInH+c08e8flS1bMPky9RrT7u3wU0JHdztB5AfowWOrYJHC74+sIT7LNiJWeAMgmUdvFyeTv5ZaftBw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=CndLYmBHc0aMXMVFGuAX0NRoS7jHaOUz3hEwZhxGhkwlTZad2dK+cDZBB1E/3L2o1QJwUmHbadyjG/1PSkWXgatKYCjahU0kU2olscEoFdvfNj0/vj4Rndb1fxKYFpVvNEC/pDxYzgExq5Bb0i6Ro90yepx3PKj3K068XUTc/I92IvY7QA60Xj2XmwOOVG+igKAAGBsuQVWiEi0uXGzuFAHLMOgdhreK62aEpH5lxd9Kz5FF1M9EgxYI36VN410gxa8Y/jKIJpPS1rX5fw5PqEVmisyFuk7KrIjg3buBTdmGSWAi6yl8H27QmvDRo2fKsMLTSqx01rFjuV7KetYVXQ==

Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=citrix.com header.i="@citrix.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Kamil Frankowicz <kamil.frankowicz@xxxxxxx>

Delivery-date: Tue, 07 Apr 2026 10:30:54 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 24/03/2026 4:37 pm, Jan Beulich wrote: > We can easily avoid the risk of wrapping UINT_MAX <-> 0 by applying a > check against the compile-time-constant maximum number of colors. > > Additionally the overflow checks suffered from an off-by-1, as the parsed > ranges are inclusive (e.g. end == start being possible, requiring 1 array > slot, while availability of 0 slots was checked in that case). > > Fixes: 6cdea3444eaf ("xen/arm: add Dom0 cache coloring support") > Reported-by: Kamil Frankowicz <kamil.frankowicz@xxxxxxx> > Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> > > --- a/xen/common/llc-coloring.c > +++ b/xen/common/llc-coloring.c > @@ -76,8 +76,9 @@ static int __init parse_color_config(con > else /* Single value */ > end = start; > > - if ( start > end || (end - start) > (UINT_MAX - *num_colors) || > - (*num_colors + (end - start)) >= max_num_colors ) > + if ( end >= NR_LLC_COLORS || start > end || > + (end - start) >= (UINT_MAX - *num_colors) || > + (*num_colors + (end - start + 1)) >= max_num_colors ) > return -EINVAL; > > /* Colors are range checked in check_colors() */ > I think this is correct, so Acked-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> However, the parsing logic is also ridiculous. Most of the complexity comes because of parsing a bitmap but storing it longhand in an array of unsigned ints. Instead, the global variables default_colors, dom0_colors and xen_colors should be bitmaps sized by NR_LLC_COLORS, and d->llc_colours should be a bitmap sized by xen_num_colors (which itself is bound by NR_LLC_COLORS). With the default of 32 colours, this would involve no memory allocation at all, even on 32bit builds of Xen. ~Andrew

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.