From mboxrd@z Thu Jan 1 00:00:00 1970 From: Weidong Han Subject: Re: Xen 4.0.0-rc7 problem/hang with vt-d DMAR parsing Date: Thu, 25 Mar 2010 17:21:12 +0800 Message-ID: <4BAB2B08.9010201@intel.com> References: <20100323193748.GW1878@reaktio.net> <20100323200515.GZ1878@reaktio.net> <4BA9DA400200007800036ABB@vpn.id2.novell.com> <4BA9D512.9090902@intel.com> <4BA9ED8D0200007800036B3F@vpn.id2.novell.com> <4BA9F0C1.7080809@intel.com> <4BAA01560200007800036B9B@vpn.id2.novell.com> <4BAAB488.3020007@intel.com> <4BAB304A0200007800036D8B@vpn.id2.novell.com> <4BAB2775.5010208@intel.com> <4BAB37E80200007800036DB1@vpn.id2.novell.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------050008010705090904090903" Return-path: In-Reply-To: <4BAB37E80200007800036DB1@vpn.id2.novell.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Jan Beulich Cc: "xen-devel@lists.xensource.com" , Keir Fraser , "Cui, Dexuan" List-Id: xen-devel@lists.xenproject.org This is a multi-part message in MIME format. --------------050008010705090904090903 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Jan Beulich wrote: >>>> Weidong Han 25.03.10 10:05 >>> >>>> >> Ok. Updated the patch according to your suggestion. Thanks. >> > > Looks good to me, and I would ack it if I didn't (sorry, only now) > notice that it can't be against -unstable: The patch seems to be > against code which doesn't have an ACPI_DMAR_RHSA case in > acpi_parse_dmar(). Quite odd... > > Jan > Sorry, I didn't copy it completely. Attached it. Thanks. Regards, Weidong --------------050008010705090904090903 Content-Type: text/plain; name="dmar-length-check.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="dmar-length-check.patch" diff -r a4eac162dcb9 xen/drivers/passthrough/vtd/dmar.c --- a/xen/drivers/passthrough/vtd/dmar.c Thu Mar 25 01:05:03 2010 +0800 +++ b/xen/drivers/passthrough/vtd/dmar.c Fri Mar 26 01:59:55 2010 +0800 @@ -659,26 +659,71 @@ static int __init acpi_parse_dmar(struct while ( ((unsigned long)entry_header) < (((unsigned long)dmar) + table->length) ) { + if ( entry_header->length < sizeof(struct acpi_dmar_entry_header) ) + { + dprintk(XENLOG_ERR VTDPREFIX, + "Invalid ACPI DMAR entry length: 0x%x\n", + entry_header->length); + ret = -EINVAL; + break; + } + switch ( entry_header->type ) { case ACPI_DMAR_DRHD: if ( iommu_verbose ) dprintk(VTDPREFIX, "found ACPI_DMAR_DRHD:\n"); + + if ( entry_header->length < sizeof(struct acpi_table_drhd) ) + { + dprintk(XENLOG_ERR VTDPREFIX, + " Invalid length: 0x%x\n", entry_header->length); + ret = -EINVAL; + break; + } + ret = acpi_parse_one_drhd(entry_header); break; case ACPI_DMAR_RMRR: if ( iommu_verbose ) dprintk(VTDPREFIX, "found ACPI_DMAR_RMRR:\n"); + + if ( entry_header->length < sizeof(struct acpi_table_rmrr) ) + { + dprintk(XENLOG_ERR VTDPREFIX, + " Invalid length: 0x%x\n", entry_header->length); + ret = -EINVAL; + break; + } + ret = acpi_parse_one_rmrr(entry_header); break; case ACPI_DMAR_ATSR: if ( iommu_verbose ) dprintk(VTDPREFIX, "found ACPI_DMAR_ATSR:\n"); + + if ( entry_header->length < sizeof(struct acpi_table_atsr) ) + { + dprintk(XENLOG_ERR VTDPREFIX, + " Invalid length: 0x%x\n", entry_header->length); + ret = -EINVAL; + break; + } + ret = acpi_parse_one_atsr(entry_header); break; case ACPI_DMAR_RHSA: if ( iommu_verbose ) dprintk(VTDPREFIX, "found ACPI_DMAR_RHSA:\n"); + + if ( entry_header->length < sizeof(struct acpi_table_rhsa) ) + { + dprintk(XENLOG_ERR VTDPREFIX, + " Invalid length: 0x%x\n", entry_header->length); + ret = -EINVAL; + break; + } + ret = acpi_parse_one_rhsa(entry_header); break; default: --------------050008010705090904090903 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel --------------050008010705090904090903--