| Message ID | 1395323486-9891-1-git-send-email-julien.grall@linaro.org |
|---|---|
| State | Accepted, archived |
| Headers | show |
On Thu, 2014-03-20 at 13:51 +0000, Julien Grall wrote: > The allocations for shared_irqs and pending_irqs are not checked and use > later. This may lead to a Xen segfault if the hypervisor run out of memory. > > Signed-off-by: Julien Grall <julien.grall@linaro.org> Acked + applied. > --- > This patch should be backported to Xen 4.4 I've added it to my notes, but also CCing Jan since I guess he will be the one to actually do it. Ian.
>>> On 21.03.14 at 13:19, Ian Campbell <Ian.Campbell@citrix.com> wrote: > On Thu, 2014-03-20 at 13:51 +0000, Julien Grall wrote: >> The allocations for shared_irqs and pending_irqs are not checked and use >> later. This may lead to a Xen segfault if the hypervisor run out of memory. >> >> Signed-off-by: Julien Grall <julien.grall@linaro.org> > > Acked + applied. > >> --- >> This patch should be backported to Xen 4.4 > > I've added it to my notes, but also CCing Jan since I guess he will be > the one to actually do it. That's something we need to discuss I think: Since I'm not actively using the ARM port, I'm not sure we wouldn't introduce unnecessary risks if I did the backports. Therefore I'd like to put up for discussion whether one of the ARM maintainers wouldn't be in a better position to do this now that we need to do backports there - both in terms of tracking what needs backporting as well as actually applying them. Jan
On Fri, 2014-03-21 at 12:29 +0000, Jan Beulich wrote: > >>> On 21.03.14 at 13:19, Ian Campbell <Ian.Campbell@citrix.com> wrote: > > On Thu, 2014-03-20 at 13:51 +0000, Julien Grall wrote: > >> The allocations for shared_irqs and pending_irqs are not checked and use > >> later. This may lead to a Xen segfault if the hypervisor run out of memory. > >> > >> Signed-off-by: Julien Grall <julien.grall@linaro.org> > > > > Acked + applied. > > > >> --- > >> This patch should be backported to Xen 4.4 > > > > I've added it to my notes, but also CCing Jan since I guess he will be > > the one to actually do it. > > That's something we need to discuss I think: I suspected it might be ;-) > Since I'm not actively > using the ARM port, I'm not sure we wouldn't introduce unnecessary > risks if I did the backports. Therefore I'd like to put up for discussion > whether one of the ARM maintainers wouldn't be in a better position > to do this now that we need to do backports there - both in terms of > tracking what needs backporting as well as actually applying them. I'd be happy to do both of these things. Ian, For ARM only toolstack patches how would you prefer to proceed? I'm happy either way. Ian.
>>> On 21.03.14 at 13:37, Ian Campbell <Ian.Campbell@citrix.com> wrote: > On Fri, 2014-03-21 at 12:29 +0000, Jan Beulich wrote: >> Since I'm not actively >> using the ARM port, I'm not sure we wouldn't introduce unnecessary >> risks if I did the backports. Therefore I'd like to put up for discussion >> whether one of the ARM maintainers wouldn't be in a better position >> to do this now that we need to do backports there - both in terms of >> tracking what needs backporting as well as actually applying them. > > I'd be happy to do both of these things. Thanks - so be it then. Jan
Ian Campbell writes ("Re: [PATCH] xen/arm: domain_vgic_init: Check xzalloc_* return"):
> Ian, For ARM only toolstack patches how would you prefer to proceed? I'm
> happy either way.
If it's to ARM-specific code, you should do it; otherwise, I'll do
it. And if it overlaps or is confusing we can talk about it :-).
Thanks,
Ian.
On Fri, 2014-03-21 at 14:30 +0000, Ian Jackson wrote: > Ian Campbell writes ("Re: [PATCH] xen/arm: domain_vgic_init: Check xzalloc_* return"): > > Ian, For ARM only toolstack patches how would you prefer to proceed? I'm > > happy either way. > > If it's to ARM-specific code, you should do it; otherwise, I'll do > it. And if it overlaps or is confusing we can talk about it :-). Deal!
diff --git a/xen/arch/arm/vgic.c b/xen/arch/arm/vgic.c index 553411d..9fc9586 100644 --- a/xen/arch/arm/vgic.c +++ b/xen/arch/arm/vgic.c @@ -89,8 +89,17 @@ int domain_vgic_init(struct domain *d) d->arch.vgic.shared_irqs = xzalloc_array(struct vgic_irq_rank, DOMAIN_NR_RANKS(d)); + if ( d->arch.vgic.shared_irqs == NULL ) + return -ENOMEM; + d->arch.vgic.pending_irqs = xzalloc_array(struct pending_irq, d->arch.vgic.nr_lines); + if ( d->arch.vgic.pending_irqs == NULL ) + { + xfree(d->arch.vgic.shared_irqs); + return -ENOMEM; + } + for (i=0; i<d->arch.vgic.nr_lines; i++) { INIT_LIST_HEAD(&d->arch.vgic.pending_irqs[i].inflight);
The allocations for shared_irqs and pending_irqs are not checked and use later. This may lead to a Xen segfault if the hypervisor run out of memory. Signed-off-by: Julien Grall <julien.grall@linaro.org> --- This patch should be backported to Xen 4.4 --- xen/arch/arm/vgic.c | 9 +++++++++ 1 file changed, 9 insertions(+)