From: Jan Beulich <jbeulich@suse.com>
Date: Wed, 25 Sep 2019 13:50:58 +0000 (+0200)
Subject: libxc/x86: correct overflow avoidance check in AMD CPUID handling
X-Git-Tag: archive/raspbian/4.14.0+80-gd101b417b7-1+rpi1^2~63^2~1473
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=c9c7ac508b3f65f7d5f9685893096a1b22d8b176;p=xen.git

libxc/x86: correct overflow avoidance check in AMD CPUID handling

Commit df29d03f1d ("libxc/x86: avoid certain overflows in CPUID APIC ID
adjustments" introduced a one bit too narrow mask when checking whether
multiplying by 1 (in particular in leaf 1) would result in overflow.

Reported-by: Andrew Cooper <andrew.cooper3@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
---

diff --git a/tools/libxc/xc_cpuid_x86.c b/tools/libxc/xc_cpuid_x86.c
index b472fbc610..54b0161132 100644
--- a/tools/libxc/xc_cpuid_x86.c
+++ b/tools/libxc/xc_cpuid_x86.c
@@ -403,7 +403,7 @@ static void amd_xc_cpuid_policy(const struct cpuid_domain_info *info,
          * - incrementing ApicIdCoreSize when it's zero (which changes the
          *   meaning of bits 7:0).
          */
-        if ( (regs[2] & 0x7fu) < 0x7fu )
+        if ( (regs[2] & 0xffu) < 0x7fu )
         {
             if ( (regs[2] & 0xf000u) && (regs[2] & 0xf000u) != 0xf000u )
                 regs[2] = ((regs[2] + 0x1000u) & 0xf000u) | (regs[2] & 0xffu);