From: Andrew Cooper <andrew.cooper3@citrix.com>
Date: Thu, 22 Jan 2015 11:46:43 +0000 (+0100)
Subject: drop redundant MAX_VIRT_CPUS bounds checks
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~3890
X-Git-Url: https://dgit.raspbian.org/%22http:/www.example.com/cgi/%22https:/%22bookmarks://%22Dat/%22http:/www.example.com/cgi/%22https:/%22bookmarks:/%22Dat?a=commitdiff_plain;h=d9e66702fd9e1cf7a8e7fa3b28879cd6f779bac5;p=xen.git

drop redundant MAX_VIRT_CPUS bounds checks

In all 4 cases, visible in the context are bounds check against d->max_vcpus.
Domain building will ensure that d->max_vcpus never exceeds an appropriate
bound.  In the x86 case, different types of domains have different maxima for
vcpus, making the checks wrong as opposed to simply redundant.

For vpsci in ARM, 'vcpuid' is an unsigned type so could never be less than 0.

For the common changes to do_{,compat}_vcpu_op(), these changes do result in a
guest visible change, but only in so far as certain invalid vcpu ids will now
fail with -ENOENT rather than -EINVAL.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Ian Campbell <ian.campbell@citrix.com>
---

diff --git a/xen/arch/arm/vpsci.c b/xen/arch/arm/vpsci.c
index 3f2a482460..5d899be3fe 100644
--- a/xen/arch/arm/vpsci.c
+++ b/xen/arch/arm/vpsci.c
@@ -37,9 +37,6 @@ static int do_common_cpu_on(register_t target_cpu, register_t entry_point,
     else
         vcpuid = target_cpu;
 
-    if ( (vcpuid < 0) || (vcpuid >= MAX_VIRT_CPUS) )
-        return PSCI_INVALID_PARAMETERS;
-
     if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
         return PSCI_INVALID_PARAMETERS;
 
diff --git a/xen/arch/x86/domctl.c b/xen/arch/x86/domctl.c
index 82365a40b2..a1c5db0eaf 100644
--- a/xen/arch/x86/domctl.c
+++ b/xen/arch/x86/domctl.c
@@ -541,10 +541,6 @@ long arch_do_domctl(
     {
         struct vcpu *v;
 
-        ret = -EINVAL;
-        if ( domctl->u.sendtrigger.vcpu >= MAX_VIRT_CPUS )
-            break;
-
         ret = -ESRCH;
         if ( domctl->u.sendtrigger.vcpu >= d->max_vcpus ||
              (v = d->vcpu[domctl->u.sendtrigger.vcpu]) == NULL )
diff --git a/xen/common/compat/domain.c b/xen/common/compat/domain.c
index 510843d830..3ca4ef7329 100644
--- a/xen/common/compat/domain.c
+++ b/xen/common/compat/domain.c
@@ -29,9 +29,6 @@ int compat_vcpu_op(int cmd, unsigned int vcpuid, XEN_GUEST_HANDLE_PARAM(void) ar
     struct vcpu *v;
     int rc = 0;
 
-    if ( vcpuid >= MAX_VIRT_CPUS )
-        return -EINVAL;
-
     if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
         return -ENOENT;
 
diff --git a/xen/common/domain.c b/xen/common/domain.c
index e02823ebc0..0b0568191a 100644
--- a/xen/common/domain.c
+++ b/xen/common/domain.c
@@ -1146,9 +1146,6 @@ long do_vcpu_op(int cmd, unsigned int vcpuid, XEN_GUEST_HANDLE_PARAM(void) arg)
     struct vcpu_guest_context *ctxt;
     long rc = 0;
 
-    if ( vcpuid >= MAX_VIRT_CPUS )
-        return -EINVAL;
-
     if ( vcpuid >= d->max_vcpus || (v = d->vcpu[vcpuid]) == NULL )
         return -ENOENT;