[Qemu-devel] [PATCH v4 3/7] acpi: Assert sts array limit on AcpiCpuHotpl
From: Eduardo Habkost
Subject: [Qemu-devel] [PATCH v4 3/7] acpi: Assert sts array limit on AcpiCpuHotplug_add()
Date: Fri, 14 Mar 2014 16:33:52 -0300
AcpiCpuHotplug_add() can't handle vCPU arch IDs larger than
ACPI_CPU_HOTPLUG_ID_LIMIT. Instead of corrupting memory in case the vCPU
ID is too large, use g_assert() to ensure we are not over the limit.
Signed-off-by: Eduardo Habkost <address@hidden>
Reviewed-by: Laszlo Ersek <address@hidden>
---
hw/acpi/cpu_hotplug.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/acpi/cpu_hotplug.c b/hw/acpi/cpu_hotplug.c
index 48928dc..2ad83a0 100644
--- a/hw/acpi/cpu_hotplug.c
+++ b/hw/acpi/cpu_hotplug.c
@@ -43,6 +43,7 @@ void AcpiCpuHotplug_add(ACPIGPE *gpe, AcpiCpuHotplug *g,
CPUState *cpu)
*gpe->sts = *gpe->sts | ACPI_CPU_HOTPLUG_STATUS;
cpu_id = k->get_arch_id(CPU(cpu));
+ g_assert((cpu_id / 8) < ACPI_GPE_PROC_LEN);
g->sts[cpu_id / 8] |= (1 << (cpu_id % 8));
}
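Review bot: the added g_assert() bounds cpu_id / 8 by ACPI_GPE_PROC_LEN, while the commit message states the limit as ACPI_CPU_HOTPLUG_ID_LIMIT, and nothing in this hunk shows how the two constants relate. Asserting cpu_id < ACPI_CPU_HOTPLUG_ID_LIMIT directly, or adding a one-line comment that ties the checked constant to the size of g->sts, would keep the check and the documented limit from drifting apart. Note also that g_assert() is compiled out when GLib's G_DISABLE_ASSERT is defined, so the write to g->sts[cpu_id / 8] is only guarded in builds that keep assertions; the callers should reject an oversized ID before reaching this function, with the assert as a backstop only.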
--
1.8.5.3
- [Qemu-devel] [PATCH v4 0/7] pc: Ensure APIC ID limits before aborting or corrupting memory, Eduardo Habkost, 2014/03/14
- [Qemu-devel] [PATCH v4 1/7] acpi: Add ACPI_CPU_HOTPLUG_ID_LIMIT macro, Eduardo Habkost, 2014/03/14
- [Qemu-devel] [PATCH v4 4/7] acpi: Don't use MAX_CPUMASK_BITS for APIC ID bitmap, Eduardo Habkost, 2014/03/14
- [Qemu-devel] [PATCH v4 3/7] acpi: Assert sts array limit on AcpiCpuHotplug_add(), Eduardo Habkost <=
- [Qemu-devel] [PATCH v4 2/7] pc: Refuse CPU hotplug if the resulting APIC ID is too large, Eduardo Habkost, 2014/03/14
- [Qemu-devel] [PATCH v4 7/7] vl.c: Use MAX_CPUS macro instead of hardcoded constant, Eduardo Habkost, 2014/03/14
- [Qemu-devel] [PATCH v4 5/7] pc: Refuse max_cpus if it results in too large APIC ID, Eduardo Habkost, 2014/03/14
- [Qemu-devel] [PATCH v4 6/7] vl.c: Rename MAX_CPUMASK_BITS to MAX_CPUS, Eduardo Habkost, 2014/03/14
- Re: [Qemu-devel] [PATCH v4 0/7] pc: Ensure APIC ID limits before aborting or corrupting memory, Michael S. Tsirkin, 2014/03/17