From: Laszlo Ersek <lersek@redhat.com>
To: Eduardo Habkost <ehabkost@redhat.com>, qemu-devel@nongnu.org
Cc: "Igor Mammedov" <imammedo@redhat.com>,
	"Andreas Färber" <afaerber@suse.de>,
	"Michael S. Tsirkin" <mst@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v2 3/4] acpi: Assert sts array limit on AcpiCpuHotplug_add()
Date: Wed, 12 Mar 2014 22:19:46 +0100
Message-ID: <5320CF72.70705@redhat.com>
In-Reply-To: <1394648890-933-4-git-send-email-ehabkost@redhat.com>

On 03/12/14 19:28, Eduardo Habkost wrote:
> AcpiCpuHotplug_add() can't handle vCPU arch IDs larger than
> ACPI_CPU_HOTPLUG_ID_LIMIT. Instead of corrupting memory in case the vCPU
> ID is too large, use g_assert() to ensure we are not over the limit.
> 
> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
> ---
>  hw/acpi/cpu_hotplug.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/hw/acpi/cpu_hotplug.c b/hw/acpi/cpu_hotplug.c
> index 48928dc..2ad83a0 100644
> --- a/hw/acpi/cpu_hotplug.c
> +++ b/hw/acpi/cpu_hotplug.c
> @@ -43,6 +43,7 @@ void AcpiCpuHotplug_add(ACPIGPE *gpe, AcpiCpuHotplug *g, CPUState *cpu)
>  
>      *gpe->sts = *gpe->sts | ACPI_CPU_HOTPLUG_STATUS;
>      cpu_id = k->get_arch_id(CPU(cpu));
> +    g_assert((cpu_id / 8) < ACPI_GPE_PROC_LEN);
>      g->sts[cpu_id / 8] |= (1 << (cpu_id % 8));
>  }
>  
> 
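Review bot: The bound in the added g_assert() is written as (cpu_id / 8) < ACPI_GPE_PROC_LEN, while the commit message states the limit as ACPI_CPU_HOTPLUG_ID_LIMIT; asserting cpu_id < ACPI_CPU_HOTPLUG_ID_LIMIT directly, or adding a comment that ties the two macros together, would make the relationship to the size of g->sts[] explicit. Because g_assert() aborts the process, a short comment stating that callers must reject oversized arch IDs before reaching this function would also make clear that the assertion documents an invariant and is not the input validation itself.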

Reviewed-by: Laszlo Ersek <lersek@redhat.com>

Thread overview: 14+ messages
2014-03-12 18:28 [Qemu-devel] [PATCH v2 0/4] pc: Ensure APIC ID limits before aborting or corrupting memory Eduardo Habkost
2014-03-12 18:28 ` [Qemu-devel] [PATCH v2 1/4] acpi: Add ACPI_CPU_HOTPLUG_ID_LIMIT macro Eduardo Habkost
2014-03-12 21:17   ` Laszlo Ersek
2014-03-12 21:18     ` Laszlo Ersek
2014-03-13  0:12       ` Eduardo Habkost
2014-03-13  0:29         ` Laszlo Ersek
2014-03-12 18:28 ` [Qemu-devel] [PATCH v2 2/4] pc: Refuse CPU hotplug if the resulting APIC ID is too large Eduardo Habkost
2014-03-12 21:19   ` Laszlo Ersek
2014-03-12 18:28 ` [Qemu-devel] [PATCH v2 3/4] acpi: Assert sts array limit on AcpiCpuHotplug_add() Eduardo Habkost
2014-03-12 21:19   ` Laszlo Ersek [this message]
2014-03-12 18:28 ` [Qemu-devel] [PATCH v2 4/4] pc: Refuse max_cpus if it results in too large APIC ID Eduardo Habkost
2014-03-12 22:07   ` Laszlo Ersek
2014-03-13  0:34     ` Eduardo Habkost
2014-03-12 18:58 ` [Qemu-devel] [PATCH v2 0/4] pc: Ensure APIC ID limits before aborting or corrupting memory Eduardo Habkost