x86/E820: don't overrun array
authorJan Beulich <jbeulich@suse.com>
Wed, 3 Jan 2018 10:03:56 +0000 (11:03 +0100)
committerJan Beulich <jbeulich@suse.com>
Wed, 3 Jan 2018 10:03:56 +0000 (11:03 +0100)
The bounds check needs to be done after the increment, not before, or
else it needs to use a one lower immediate. Also use word operations
rather than byte ones for both the increment and the compare (allowing
E820_BIOS_MAX to be more easily bumped, should the need ever arise).

Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
xen/arch/x86/boot/mem.S

index 4b1fa4dae98d3fc611b732be062113dd5153ab6a..ca90db0a5d350f58b5ffd3d7d6eb237a2d1fc464 100644 (file)
@@ -22,11 +22,10 @@ get_memory_map:
         cmpl    $SMAP,%eax                      # check the return is `SMAP'
         jne     .Lmem88
 
-        movb    bootsym(e820nr),%al             # up to 128 entries
-        cmpb    $E820_BIOS_MAX,%al
+        incw    bootsym(e820nr)
+        cmpw    $E820_BIOS_MAX,bootsym(e820nr)  # up to this many entries
         jae     .Lmem88
 
-        incb    bootsym(e820nr)
         movw    %di,%ax
         addw    $20,%ax
         movw    %ax,%di
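Review bot: The switch to `incw`/`cmpw` makes both instructions access 16 bits at `bootsym(e820nr)`, and the definition of `e820nr` is not in this hunk, so confirm the variable is at least two bytes wide. If it were a byte-sized slot, the increment could carry into the neighbouring byte and the compare would read it as part of the count. The ordering of increment and compare is the actual fix, yet the trailing comment `# up to this many entries` does not record it. I would add `# count the entry just obtained first, then test: e820nr == E820_BIOS_MAX means the array is full` above the `incw`, so a later cleanup does not move the check back in front of the increment. get_memory_map starts and ends outside the hunk, so I am presuming that the entry has already been written when this code runs and that `.Lmem88` is a safe exit with the count at its maximum.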