diff mbox series

x86/MCE: correct struct mcinfo_extended for compat guests

Message ID 223c0294-f769-22fb-5958-e4ede84241af@suse.com (mailing list archive)
State New, archived

Commit Message

Jan Beulich Jan. 8, 2020, 3:07 p.m. UTC
The use of any kind of pointers in the public interface is wrong,
including dimensioning arrays based on the size of pointers. The least
bad option of addressing the issue looks to be to pin down the number
that the (64-bit) hypervisor has used anyway (even when passing 
information to compat but privileged guests). There aren't actual
instantiations of the structure apart from ones allocated dynamically
out of struct mc_info's mi_data[], which is entirely controlled by the
hypervisor.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

Comments

Andrew Cooper Jan. 8, 2020, 3:09 p.m. UTC | #1
On 08/01/2020 15:07, Jan Beulich wrote:
> The use of any kind of pointers in the public interface is wrong,
> including dimensioning arrays based on the size of pointers. The least
> bad option of addressing the issue looks to be to pin down the number
> that the (64-bit) hypervisor has used anyway (even when passing 
> information to compat but privileged guests). There aren't actual
> instantiations of the structure apart from ones allocated dynamically
> out of struct mc_info's mi_data[], which is entirely controlled by the
> hypervisor.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>

Patch

--- a/xen/include/public/arch-x86/xen-mca.h
+++ b/xen/include/public/arch-x86/xen-mca.h
@@ -170,9 +170,9 @@  struct mcinfo_extended {
     /*
      * Currently Intel extended MSR (32/64) include all gp registers
      * and E(R)FLAGS, E(R)IP, E(R)MISC, up to 11/19 of them might be
-     * useful at present. So expand this array to 16/32 to leave room.
+     * useful at present. So expand this array to 32 to leave room.
      */
-    struct mcinfo_msr mc_msr[sizeof(void *) * 4];
+    struct mcinfo_msr mc_msr[32];
 };
 
 /* Recovery Action flags. Giving recovery result information to DOM0 */
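Review bot: At the `mc_msr[32]` declaration, the updated comment still justifies 32 only as headroom ("to leave room") and does not record that the count is now a fixed part of the public ABI, deliberately independent of pointer size. Consider adding a sentence to that comment stating that the bound must not be derived from `sizeof(void *)` or any other guest-width-dependent type, so the 32-bit/64-bit layout mismatch is not reintroduced by a later cleanup. A named constant for the bound, rather than the bare literal, would also give consumers of the header something to reference when validating or sizing their own buffers.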