x86/hvm: fix off-by-one errors in vcpuid range checks

author Keir Fraser <keir.fraser@citrix.com>

Wed, 27 May 2009 10:17:40 +0000 (11:17 +0100)

committer Keir Fraser <keir.fraser@citrix.com>

Wed, 27 May 2009 10:17:40 +0000 (11:17 +0100)
author Keir Fraser <keir.fraser@citrix.com>
Wed, 27 May 2009 10:17:40 +0000 (11:17 +0100)
committer Keir Fraser <keir.fraser@citrix.com>
Wed, 27 May 2009 10:17:40 +0000 (11:17 +0100)
diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c

index fc31b3b1bda12fd8dc96787d27329b88f0aec055..ab3a28ca5d72929d3cdc899c22799290e0600913 100644 (file)
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -503,7 +503,7 @@ static int hvm_load_cpu_ctxt(struct domain *d, hvm_domain_context_t *h)
  
      /* Which vcpu is this? */
      vcpuid = hvm_load_instance(h);
-    if ( vcpuid > MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL ) 
+    if ( vcpuid >= MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL )
      {
          gdprintk(XENLOG_ERR, "HVM restore: domain has no vcpu %u\n", vcpuid);
          return -EINVAL;
diff --git a/xen/arch/x86/hvm/mtrr.c b/xen/arch/x86/hvm/mtrr.c

index e1448d99ee99bab6afc1fc32e05f835ed1e28e65..2553f7c9a58441bb1e55fa5d788c87a9493efd63 100644 (file)
--- a/xen/arch/x86/hvm/mtrr.c
+++ b/xen/arch/x86/hvm/mtrr.c
@@ -676,7 +676,7 @@ static int hvm_load_mtrr_msr(struct domain *d, hvm_domain_context_t *h)
      struct hvm_hw_mtrr hw_mtrr;
  
      vcpuid = hvm_load_instance(h);
-    if ( vcpuid > MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL )
+    if ( vcpuid >= MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL )
      {
          gdprintk(XENLOG_ERR, "HVM restore: domain has no vcpu %u\n", vcpuid);
          return -EINVAL;
diff --git a/xen/arch/x86/hvm/vlapic.c b/xen/arch/x86/hvm/vlapic.c

index 68e9b27632c01830ee89729cfa0f458b9b0b7f43..6e30a2e2af2f905e29bcc05c2d63d57e6fce06cb 100644 (file)
--- a/xen/arch/x86/hvm/vlapic.c
+++ b/xen/arch/x86/hvm/vlapic.c
@@ -913,7 +913,7 @@ static int lapic_load_hidden(struct domain *d, hvm_domain_context_t *h)
      
      /* Which vlapic to load? */
      vcpuid = hvm_load_instance(h); 
-    if ( vcpuid > MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL ) 
+    if ( vcpuid >= MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL )
      {
          gdprintk(XENLOG_ERR, "HVM restore: domain has no vlapic %u\n", vcpuid);
          return -EINVAL;
@@ -936,7 +936,7 @@ static int lapic_load_regs(struct domain *d, hvm_domain_context_t *h)
      
      /* Which vlapic to load? */
      vcpuid = hvm_load_instance(h); 
-    if ( vcpuid > MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL ) 
+    if ( vcpuid >= MAX_VIRT_CPUS || (v = d->vcpu[vcpuid]) == NULL )
      {
          gdprintk(XENLOG_ERR, "HVM restore: domain has no vlapic %u\n", vcpuid);
          return -EINVAL;
author	Keir Fraser <keir.fraser@citrix.com>
	Wed, 27 May 2009 10:17:40 +0000 (11:17 +0100)
committer	Keir Fraser <keir.fraser@citrix.com>
	Wed, 27 May 2009 10:17:40 +0000 (11:17 +0100)
xen/arch/x86/hvm/hvm.c		patch \| blob \| history
xen/arch/x86/hvm/mtrr.c		patch \| blob \| history
xen/arch/x86/hvm/vlapic.c		patch \| blob \| history