x86/cpuid: Remove BUG_ON() condition from guest_cpuid()

Include a min() against the appropriate ARRAY_SIZE(), and ASSERT() that
max_subleaf is within ARRAY_SIZE().

This is more robust to unexpected problems in a release build of Xen.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Doug Goldstein <cardoe@cardoe.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>

diff --git a/xen/arch/x86/cpuid.c b/xen/arch/x86/cpuid.c
index 7b9af1b9cf2e56f790665de66997540d174d4c13..076fab30ac60609535df84422e780cbd9ef502dc 100644 (file)
--- a/xen/arch/x86/cpuid.c
+++ b/xen/arch/x86/cpuid.c
@@ -856,10 +856,11 @@ void guest_cpuid(const struct vcpu *v, uint32_t leaf,
         switch ( leaf )
         {
         case 0x7:
-            if ( subleaf > p->feat.max_subleaf )
+            ASSERT(p->feat.max_subleaf < ARRAY_SIZE(p->feat.raw));
+            if ( subleaf > min_t(uint32_t, p->feat.max_subleaf,
+                                 ARRAY_SIZE(p->feat.raw) - 1) )
                 return;
 
-            BUG_ON(subleaf >= ARRAY_SIZE(p->feat.raw));
             *res = p->feat.raw[subleaf];
             break;