[PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline
@ 2016-08-12 10:35 Andrew Cooper
  2016-08-12 10:35 ` [PATCH 2/2] x86/cpufreq: Avoid using processor_pminfo[cpu] when it is NULL Andrew Cooper
  2016-08-12 12:08 ` [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline Jan Beulich
  0 siblings, 2 replies; 4+ messages in thread
From: Andrew Cooper @ 2016-08-12 10:35 UTC (permalink / raw)
  To: Xen-devel; +Cc: Andrew Cooper, Jan Beulich

The undefined behaviour sanitiser in Clang 3.8 identifies that these are all
misaigned when used in __start_xen().

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
---
 xen/arch/x86/boot/mem.S   | 1 +
 xen/arch/x86/boot/video.S | 1 +
 2 files changed, 2 insertions(+)

diff --git a/xen/arch/x86/boot/mem.S b/xen/arch/x86/boot/mem.S
index 820aea9..602ab2c 100644
--- a/xen/arch/x86/boot/mem.S
+++ b/xen/arch/x86/boot/mem.S
@@ -67,6 +67,7 @@ get_memory_map:
 
         ret
 
+        .align  4
 GLOBAL(e820map)
         .fill   E820MAX*20,1,0
 GLOBAL(e820nr)
diff --git a/xen/arch/x86/boot/video.S b/xen/arch/x86/boot/video.S
index b238bf3..2aafbeb 100644
--- a/xen/arch/x86/boot/video.S
+++ b/xen/arch/x86/boot/video.S
@@ -994,6 +994,7 @@ force_size:     .word   0       # Use this size instead of the one in BIOS vars
 vesa_size:      .word   0,0,0   # width x depth x height
 
 /* If we don't run at all, assume basic video mode 3 at 80x25. */
+        .align  2
 GLOBAL(boot_vid_mode)
         .word   VIDEO_80x25
 GLOBAL(boot_vid_info)
-- 
2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH 2/2] x86/cpufreq: Avoid using processor_pminfo[cpu] when it is NULL
  2016-08-12 10:35 [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline Andrew Cooper
@ 2016-08-12 10:35 ` Andrew Cooper
  2016-08-12 12:14   ` Jan Beulich
  2016-08-12 12:08 ` [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline Jan Beulich
  1 sibling, 1 reply; 4+ messages in thread
From: Andrew Cooper @ 2016-08-12 10:35 UTC (permalink / raw)
  To: Xen-devel; +Cc: Andrew Cooper, Jan Beulich

The undefined behaviour sanitiser shows that it really is NULL via the
pre_initcall path.

  (XEN) ================================================================================
  (XEN) UBSAN: Undefined behaviour in cpufreq.c:158:66
  (XEN) member access within null pointer of type 'struct processor_pminfo'
  (XEN) ----[ Xen-4.8-unstable  x86_64  debug=y  Not tainted ]----
  <snip>
  (XEN)    [<ffff82d0801c4231>] cpufreq_add_cpu+0x161/0xdc0
  (XEN)    [<ffff82d0801c6610>] cpufreq.c#cpu_callback+0x20/0x30
  (XEN)    [<ffff82d0804eefad>] cpufreq.c#cpufreq_presmp_init+0x2d/0x50
  (XEN)    [<ffff82d0804c5942>] do_presmp_initcalls+0x22/0x30
  (XEN)    [<ffff82d08051852d>] __start_xen+0x378d/0x42f0
  (XEN)    [<ffff82d080100073>] __high_start+0x53/0x60

Fix two other occurances of the same buggy logic.

The processor_pminfo[] objects are only allocated as a result of
XENPF_set_processor_pminfo hypercalls, which means that this early cpu
callback will always hit the early NULL check, and is therefore pointless.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
---
 xen/drivers/cpufreq/cpufreq.c | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/xen/drivers/cpufreq/cpufreq.c b/xen/drivers/cpufreq/cpufreq.c
index f19b403..fd82ef5 100644
--- a/xen/drivers/cpufreq/cpufreq.c
+++ b/xen/drivers/cpufreq/cpufreq.c
@@ -126,7 +126,7 @@ int __init cpufreq_register_governor(struct cpufreq_governor *governor)
 
 int cpufreq_limit_change(unsigned int cpu)
 {
-    struct processor_performance *perf = &processor_pminfo[cpu]->perf;
+    struct processor_performance *perf;
     struct cpufreq_policy *data;
     struct cpufreq_policy policy;
 
@@ -134,6 +134,8 @@ int cpufreq_limit_change(unsigned int cpu)
         !processor_pminfo[cpu])
         return -ENODEV;
 
+    perf = &processor_pminfo[cpu]->perf;
+
     if (perf->platform_limit >= perf->state_count)
         return -EINVAL;
 
@@ -155,12 +157,15 @@ int cpufreq_add_cpu(unsigned int cpu)
     struct cpufreq_dom *cpufreq_dom = NULL;
     struct cpufreq_policy new_policy;
     struct cpufreq_policy *policy;
-    struct processor_performance *perf = &processor_pminfo[cpu]->perf;
+    struct processor_performance *perf;
 
     /* to protect the case when Px was not controlled by xen */
-    if (!processor_pminfo[cpu]      ||
-        !(perf->init & XEN_PX_INIT) ||
-        !cpu_online(cpu))
+    if ( !processor_pminfo[cpu] || !cpu_online(cpu) )
+        return -EINVAL;
+
+    perf = &processor_pminfo[cpu]->perf;
+
+    if ( !(perf->init & XEN_PX_INIT) )
         return -EINVAL;
 
     if (!cpufreq_driver)
@@ -310,12 +315,15 @@ int cpufreq_del_cpu(unsigned int cpu)
     struct list_head *pos;
     struct cpufreq_dom *cpufreq_dom = NULL;
     struct cpufreq_policy *policy;
-    struct processor_performance *perf = &processor_pminfo[cpu]->perf;
+    struct processor_performance *perf;
 
     /* to protect the case when Px was not controlled by xen */
-    if (!processor_pminfo[cpu]      ||
-        !(perf->init & XEN_PX_INIT) ||
-        !cpu_online(cpu))
+    if ( !processor_pminfo[cpu] || !cpu_online(cpu) )
+        return -EINVAL;
+
+    perf = &processor_pminfo[cpu]->perf;
+
+    if ( !(perf->init & XEN_PX_INIT) )
         return -EINVAL;
 
     if (!per_cpu(cpufreq_cpu_policy, cpu))
@@ -637,8 +645,6 @@ static struct notifier_block cpu_nfb = {
 
 static int __init cpufreq_presmp_init(void)
 {
-    void *cpu = (void *)(long)smp_processor_id();
-    cpu_callback(&cpu_nfb, CPU_ONLINE, cpu);
     register_cpu_notifier(&cpu_nfb);
     return 0;
 }
-- 
2.1.4


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline
  2016-08-12 10:35 [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline Andrew Cooper
  2016-08-12 10:35 ` [PATCH 2/2] x86/cpufreq: Avoid using processor_pminfo[cpu] when it is NULL Andrew Cooper
@ 2016-08-12 12:08 ` Jan Beulich
  1 sibling, 0 replies; 4+ messages in thread
From: Jan Beulich @ 2016-08-12 12:08 UTC (permalink / raw)
  To: Andrew Cooper; +Cc: Xen-devel

>>> On 12.08.16 at 12:35, <andrew.cooper3@citrix.com> wrote:
> The undefined behaviour sanitiser in Clang 3.8 identifies that these are all
> misaigned when used in __start_xen().
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>

Acked-by: Jan Beulich <jbeulich@suse.com>


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] x86/cpufreq: Avoid using processor_pminfo[cpu] when it is NULL
  2016-08-12 10:35 ` [PATCH 2/2] x86/cpufreq: Avoid using processor_pminfo[cpu] when it is NULL Andrew Cooper
@ 2016-08-12 12:14   ` Jan Beulich
  0 siblings, 0 replies; 4+ messages in thread
From: Jan Beulich @ 2016-08-12 12:14 UTC (permalink / raw)
  To: Andrew Cooper; +Cc: Xen-devel

>>> On 12.08.16 at 12:35, <andrew.cooper3@citrix.com> wrote:
> The undefined behaviour sanitiser shows that it really is NULL via the
> pre_initcall path.
> 
>   (XEN) 
> ================================================================================
>   (XEN) UBSAN: Undefined behaviour in cpufreq.c:158:66
>   (XEN) member access within null pointer of type 'struct processor_pminfo'
>   (XEN) ----[ Xen-4.8-unstable  x86_64  debug=y  Not tainted ]----
>   <snip>
>   (XEN)    [<ffff82d0801c4231>] cpufreq_add_cpu+0x161/0xdc0
>   (XEN)    [<ffff82d0801c6610>] cpufreq.c#cpu_callback+0x20/0x30
>   (XEN)    [<ffff82d0804eefad>] cpufreq.c#cpufreq_presmp_init+0x2d/0x50
>   (XEN)    [<ffff82d0804c5942>] do_presmp_initcalls+0x22/0x30
>   (XEN)    [<ffff82d08051852d>] __start_xen+0x378d/0x42f0
>   (XEN)    [<ffff82d080100073>] __high_start+0x53/0x60
> 
> Fix two other occurances of the same buggy logic.
> 
> The processor_pminfo[] objects are only allocated as a result of
> XENPF_set_processor_pminfo hypercalls, which means that this early cpu
> callback will always hit the early NULL check, and is therefore pointless.
> 
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>

Reviewed-by: Jan Beulich <jbeulich@suse.com>


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2016-08-12 12:14 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-12 10:35 [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline Andrew Cooper
2016-08-12 10:35 ` [PATCH 2/2] x86/cpufreq: Avoid using processor_pminfo[cpu] when it is NULL Andrew Cooper
2016-08-12 12:14   ` Jan Beulich
2016-08-12 12:08 ` [PATCH 1/2] x86/boot: Align e820 and video data in the boot trampoline Jan Beulich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).