xen-devel.lists.xenproject.org archive mirror
* [PATCHv1 0/2]: Xen: kexec coverity fixes
@ 2013-11-13 14:43 David Vrabel
  2013-11-13 14:43 ` [PATCH 1/2] kexec: fix kexec_lock use in kexec_swap_images() David Vrabel
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: David Vrabel @ 2013-11-13 14:43 UTC (permalink / raw)
  To: xen-devel; +Cc: David Vrabel, Jan Beulich

Coverity identified some new issues in the recently committed kexec
changes.

The other new kexec related issues (e.g. CID 1128572: Reliance on
integer endianness (INCOMPATIBLE_CAST)) are believed to be Coverity
being confused by the underlying atomic_read()/atomic_write() and
getting its types wrong.

David


* [PATCH 1/2] kexec: fix kexec_lock use in kexec_swap_images()
  2013-11-13 14:43 [PATCHv1 0/2]: Xen: kexec coverity fixes David Vrabel
@ 2013-11-13 14:43 ` David Vrabel
  2013-11-13 14:43 ` [PATCH 2/2] kexec: fail image loads if the page tables cannot be built David Vrabel
  2013-11-13 14:47 ` [PATCHv1 0/2]: Xen: kexec coverity fixes Andrew Cooper
  2 siblings, 0 replies; 4+ messages in thread
From: David Vrabel @ 2013-11-13 14:43 UTC (permalink / raw)
  To: xen-devel; +Cc: David Vrabel, Jan Beulich

From: David Vrabel <david.vrabel@citrix.com>

CID 1128573

If a bad image type is supplied in a KEXECOP_unload hypercall, the
kexec_lock in kexec_swap_images() was left locked, causing a deadlock
on a subsequent image load or unload.

The kexec_lock is only required to serialize the swap operation
itself.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
---
 xen/common/kexec.c |    7 ++-----
 1 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/xen/common/kexec.c b/xen/common/kexec.c
index 9999bab..17f3ed7 100644
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
@@ -785,17 +785,14 @@ static int kexec_swap_images(int type, struct kexec_image *new,
 
     *old = NULL;
 
-    spin_lock(&kexec_lock);
-
     if ( test_bit(KEXEC_FLAG_IN_PROGRESS, &kexec_flags) )
-    {
-        spin_unlock(&kexec_lock);
         return -EBUSY;
-    }
 
     if ( kexec_load_get_bits(type, &base, &bit) )
         return -EINVAL;
 
+    spin_lock(&kexec_lock);
+
     pos = (test_bit(bit, &kexec_flags) != 0);
     old_slot = base + pos;
     new_slot = base + !pos;
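Review bot: the KEXEC_FLAG_IN_PROGRESS test in kexec_swap_images() now runs before spin_lock(&kexec_lock), so the -EBUSY check and the slot swap are no longer one critical section; if the flag is set between the test and the lock being taken, the swap proceeds anyway. If that window is acceptable because the lock only has to serialize the swap, as the commit message says, a short comment above the test stating so would help. Otherwise keep the lock where it was and add spin_unlock(&kexec_lock) before the return -EINVAL, which fixes the leaked lock without narrowing the locked region.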
-- 
1.7.2.5


* [PATCH 2/2] kexec: fail image loads if the page tables cannot be built
  2013-11-13 14:43 [PATCHv1 0/2]: Xen: kexec coverity fixes David Vrabel
  2013-11-13 14:43 ` [PATCH 1/2] kexec: fix kexec_lock use in kexec_swap_images() David Vrabel
@ 2013-11-13 14:43 ` David Vrabel
  2013-11-13 14:47 ` [PATCHv1 0/2]: Xen: kexec coverity fixes Andrew Cooper
  2 siblings, 0 replies; 4+ messages in thread
From: David Vrabel @ 2013-11-13 14:43 UTC (permalink / raw)
  To: xen-devel; +Cc: David Vrabel, Jan Beulich

From: David Vrabel <david.vrabel@citrix.com>

CID 1128566

If an image source page is allocated in kimage_alloc_page() but the
machine_kexec_add_page() fails, the image may appear to load
successfully but it will not execute.  The relocation will fault
(rebooting the host) when trying to copy the source page, as it is not
mapped.

Signed-off-by: David Vrabel <david.vrabel@citrix.com>
---
 xen/common/kimage.c |    9 ++++++++-
 1 files changed, 8 insertions(+), 1 deletions(-)

diff --git a/xen/common/kimage.c b/xen/common/kimage.c
index 5c3e3b3..91943f1 100644
--- a/xen/common/kimage.c
+++ b/xen/common/kimage.c
@@ -592,6 +592,7 @@ static struct page_info *kimage_alloc_page(struct kexec_image *image,
      */
     struct page_info *page;
     paddr_t addr;
+    int ret;
 
     /*
      * Walk through the list of destination pages, and see if I have a
@@ -656,7 +657,13 @@ static struct page_info *kimage_alloc_page(struct kexec_image *image,
         }
     }
 found:
-    machine_kexec_add_page(image, page_to_maddr(page), page_to_maddr(page));
+    ret = machine_kexec_add_page(image, page_to_maddr(page),
+                                 page_to_maddr(page));
+    if ( ret < 0 )
+    {
+        free_domheap_page(page);
+        return NULL;
+    }
     return page;
 }
 
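Review bot: the new error path after found: calls free_domheap_page(page) unconditionally, but the comment earlier in kimage_alloc_page() says the function first walks the list of destination pages looking for a match, so please confirm that every path reaching found: hands over a page this function owns and that is no longer linked on any list; otherwise the free leaves a stale entry behind. Also, ret is only tested and then dropped, so the caller sees the same NULL as for an allocation failure and the actual error from machine_kexec_add_page() is lost; a comment or a log line at this point would make the cause visible.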
-- 
1.7.2.5


* Re: [PATCHv1 0/2]: Xen: kexec coverity fixes
  2013-11-13 14:43 [PATCHv1 0/2]: Xen: kexec coverity fixes David Vrabel
  2013-11-13 14:43 ` [PATCH 1/2] kexec: fix kexec_lock use in kexec_swap_images() David Vrabel
  2013-11-13 14:43 ` [PATCH 2/2] kexec: fail image loads if the page tables cannot be built David Vrabel
@ 2013-11-13 14:47 ` Andrew Cooper
  2 siblings, 0 replies; 4+ messages in thread
From: Andrew Cooper @ 2013-11-13 14:47 UTC (permalink / raw)
  To: David Vrabel; +Cc: Jan Beulich, xen-devel

On 13/11/13 14:43, David Vrabel wrote:
> Coverity identified some new issues in the recently committed kexec
> changes.
>
> The other new kexec related issues (e.g. CID 1128572: Reliance on
> integer endianness (INCOMPATIBLE_CAST)) are believed to be Coverity
> being confused by the underlying atomic_read()/atomic_write() and
> getting its types wrong.
>
> David
>

Both Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
