xen-devel.lists.xenproject.org archive mirror
* [PATCH] x86/ACPI/x2APIC: guard against out of range ACPI or APIC IDs
From: Jan Beulich @ 2013-10-30 14:28 UTC
  To: xen-devel; +Cc: Keir Fraser


Other than for the legacy APIC, the x2APIC MADT entries have valid
ranges possibly extending beyond what our internal arrays can handle,
and hence we need to guard ourselves against corrupting memory here.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/acpi/boot.c
+++ b/xen/arch/x86/acpi/boot.c
@@ -97,7 +97,20 @@ acpi_parse_x2apic(struct acpi_subtable_h
 
 	acpi_table_print_madt_entry(header);
 
-	/* Record local apic id only when enabled */
+	/* Record local apic id only when enabled and fitting. */
+	if (processor->local_apic_id >= MAX_APICS ||
+	    processor->uid >= MAX_MADT_ENTRIES) {
+		printk("%sAPIC ID %#x and/or ACPI ID %#x beyond limit"
+		       " - processor ignored\n",
+		       processor->lapic_flags & ACPI_MADT_ENABLED ?
+				KERN_WARNING "WARNING: " : KERN_INFO,
+		       processor->local_apic_id, processor->uid);
+		/*
+		 * Must not return an error here, to prevent
+		 * acpi_table_parse_entries() from terminating early.
+		 */
+		return 0 /* -ENOSPC */;
+	}
 	if (processor->lapic_flags & ACPI_MADT_ENABLED) {
 		x86_acpiid_to_apicid[processor->uid] =
 			processor->local_apic_id;
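
Review bot: the printk() in the new out-of-range branch reports "APIC ID %#x and/or ACPI ID %#x beyond limit" without saying which of the two comparisons failed or what the limits are, so someone reading the boot log cannot tell whether MAX_APICS or MAX_MADT_ENTRIES needs raising. Consider printing the two limits alongside the IDs, or splitting the condition so each case gets its own message. The trailing `return 0 /* -ENOSPC */;` also leaves a commented-out error code in the statement; the block comment just above it already explains why 0 is returned, so the rationale for -ENOSPC could be folded into that comment and the inline remnant dropped.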






* Re: [PATCH] x86/ACPI/x2APIC: guard against out of range ACPI or APIC IDs
From: Keir Fraser @ 2013-10-30 20:38 UTC
  To: Jan Beulich, xen-devel

On 30/10/2013 14:28, "Jan Beulich" <JBeulich@suse.com> wrote:

> Other than for the legacy APIC, the x2APIC MADT entries have valid
> ranges possibly extending beyond what our internal arrays can handle,
> and hence we need to guard ourselves against corrupting memory here.
> 
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Reviewed-by: Keir Fraser <keir@xen.org>

> --- a/xen/arch/x86/acpi/boot.c
> +++ b/xen/arch/x86/acpi/boot.c
> @@ -97,7 +97,20 @@ acpi_parse_x2apic(struct acpi_subtable_h
>  
> acpi_table_print_madt_entry(header);
>  
> - /* Record local apic id only when enabled */
> + /* Record local apic id only when enabled and fitting. */
> + if (processor->local_apic_id >= MAX_APICS ||
> +     processor->uid >= MAX_MADT_ENTRIES) {
> +  printk("%sAPIC ID %#x and/or ACPI ID %#x beyond limit"
> +         " - processor ignored\n",
> +         processor->lapic_flags & ACPI_MADT_ENABLED ?
> +    KERN_WARNING "WARNING: " : KERN_INFO,
> +         processor->local_apic_id, processor->uid);
> +  /*
> +   * Must not return an error here, to prevent
> +   * acpi_table_parse_entries() from terminating early.
> +   */
> +  return 0 /* -ENOSPC */;
> + }
> if (processor->lapic_flags & ACPI_MADT_ENABLED) {
> x86_acpiid_to_apicid[processor->uid] =
> processor->local_apic_id;
> 
> 
> 
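
Review bot: the guard compares `processor->uid` against MAX_MADT_ENTRIES and `processor->local_apic_id` against MAX_APICS, but the only indexing visible in this hunk is `x86_acpiid_to_apicid[processor->uid]`, and neither the hunk nor the commit message names the array that the MAX_APICS bound protects. A short comment naming the arrays each limit corresponds to would let a reader confirm the check matches the declared sizes. If MAX_MADT_ENTRIES is the declared size of x86_acpiid_to_apicid[], writing the bound as ARRAY_SIZE(x86_acpiid_to_apicid) would keep the check correct should the declaration ever change.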
