From: Weidong Han <weidong.han@intel.com>
To: Jan Beulich <JBeulich@novell.com>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>,
Keir Fraser <keir.fraser@eu.citrix.com>,
"Cui, Dexuan" <dexuan.cui@intel.com>
Subject: Re: Xen 4.0.0-rc7 problem/hang with vt-d DMAR parsing
Date: Wed, 24 Mar 2010 19:00:17 +0800
Message-ID: <4BA9F0C1.7080809@intel.com>
In-Reply-To: <4BA9ED8D0200007800036B3F@vpn.id2.novell.com>
Jan Beulich wrote:
>>>> Weidong Han <weidong.han@intel.com> 24.03.10 10:02 >>>
>>>>
>> it cannot check entry_header->length < sizeof(struct acpi_table_XXX),
>> which is not the actual size in acpi table.
>>
>
> I don't follow here: Minimally checking against
> sizeof(struct acpi_dmar_entry_header) should be possible. But I can't
> even see why checking for sizeof(struct acpi_table_XXX) in the
> individual case statements can't be done.
>
> Jan
>
Re-checked the code. You're right. Updated the patch to check with
sizeof(struct acpi_table_XXX).
Idea-by: Jan Beulich <jbeulich@novell.com>
Signed-off-by: Weidong Han <weidong.han@intel.com>
diff -r a4eac162dcb9 xen/drivers/passthrough/vtd/dmar.c
--- a/xen/drivers/passthrough/vtd/dmar.c Thu Mar 25 01:05:03 2010 +0800
+++ b/xen/drivers/passthrough/vtd/dmar.c Thu Mar 25 03:53:21 2010 +0800
@@ -659,6 +659,23 @@ static int __init acpi_parse_dmar(struct
while ( ((unsigned long)entry_header) <
(((unsigned long)dmar) + table->length) )
{
+ /*
+ * entry_header length should not smaller than size of
+ * any acpi dmar structures. also avoid endless looping
+ * when the lenght is 0 on some bad BIOSs
+ */
+ if ( entry_header->length < sizeof(struct acpi_table_drhd) &&
+ entry_header->length < sizeof(struct acpi_table_rmrr) &&
+ entry_header->length < sizeof(struct acpi_table_atsr) &&
+ entry_header->length < sizeof(struct acpi_table_rhsa) )
+ {
+ dprintk(XENLOG_WARNING VTDPREFIX,
+ "Invalid entry_header length: 0x%x\n",
+ entry_header->length);
+ ret = -EINVAL;
+ break;
+ }
+
switch ( entry_header->type )
{
case ACPI_DMAR_DRHD:
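Review bot: The guard added at the top of the loop joins its four comparisons with &&, so it only fires when entry_header->length is below the smallest of the four structure sizes; a DRHD entry whose length is shorter than sizeof(struct acpi_table_drhd) but not shorter than the smallest structure still reaches its case handler. Checking the length against the matching structure inside each case of switch ( entry_header->type ), with a common minimum of sizeof(struct acpi_dmar_entry_header) ahead of the switch to catch the zero-length case, would make the code do what the comment says. The while condition only bounds where an entry starts, so it is also worth rejecting an entry whose length runs past dmar + table->length. Minor: "lenght" in the new comment should be "length", and "should not smaller" is missing "be".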