In all 4 cases, visible in the context are bounds check against d->max_vcpus.
Domain building will ensure that d->max_vcpus never exceeds an appropriate
bound. In the x86 case, different types of domains have different maxima for
vcpus, making the checks wrong as opposed to simply redundant.
For vpsci in ARM, 'vcpuid' is an unsigned type so could never be less than 0.
For the common changes to do_{,compat}_vcpu_op(), these changes do result in a
guest visible change, but only in so far as certain invalid vcpu ids will now
fail with -ENOENT rather than -EINVAL.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
else
vcpuid = target_cpu;
- if ( (vcpuid < 0) || (vcpuid >= MAX_VIRT_CPUS) )
- return PSCI_INVALID_PARAMETERS;
-
if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
return PSCI_INVALID_PARAMETERS;
{
struct vcpu *v;
- ret = -EINVAL;
- if ( domctl->u.sendtrigger.vcpu >= MAX_VIRT_CPUS )
- break;
-
ret = -ESRCH;
if ( domctl->u.sendtrigger.vcpu >= d->max_vcpus ||
(v = d->vcpu[domctl->u.sendtrigger.vcpu]) == NULL )
struct vcpu *v;
int rc = 0;
- if ( vcpuid >= MAX_VIRT_CPUS )
- return -EINVAL;
-
if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
return -ENOENT;
struct vcpu_guest_context *ctxt;
long rc = 0;
- if ( vcpuid >= MAX_VIRT_CPUS )
- return -EINVAL;
-
if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
return -ENOENT;
projects / xen.git / commitdiff