From patchwork Thu Feb 18 10:53:43 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Corneliu ZUZU X-Patchwork-Id: 8348621 Return-Path: X-Original-To: patchwork-xen-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id C1A8AC0553 for ; Thu, 18 Feb 2016 10:56:11 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id EF1BC20386 for ; Thu, 18 Feb 2016 10:56:10 +0000 (UTC) Received: from lists.xen.org (lists.xenproject.org [50.57.142.19]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9DDAB2037C for ; Thu, 18 Feb 2016 10:56:09 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1aWMDZ-0000e2-3C; Thu, 18 Feb 2016 10:53:53 +0000 Received: from mail6.bemta3.messagelabs.com ([195.245.230.39]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1aWMDX-0000dN-3x for xen-devel@lists.xen.org; Thu, 18 Feb 2016 10:53:51 +0000 Received: from [85.158.137.68] by server-8.bemta-3.messagelabs.com id 38/F2-24375-EB2A5C65; Thu, 18 Feb 2016 10:53:50 +0000 X-Env-Sender: czuzu@bitdefender.com X-Msg-Ref: server-14.tower-31.messagelabs.com!1455792829!23319741!1 X-Originating-IP: [91.199.104.161] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 7.35.1; banners=-,-,- X-VirusChecked: Checked Received: (qmail 14649 invoked from network); 18 Feb 2016 10:53:49 -0000 Received: from mx01.buh.bitdefender.com (HELO mx01.buh.bitdefender.com) (91.199.104.161) by server-14.tower-31.messagelabs.com with DHE-RSA-AES256-GCM-SHA384 encrypted SMTP; 18 Feb 2016 10:53:49 -0000 Comment: DomainKeys? See http://domainkeys.sourceforge.net/ DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=bitdefender.com; b=DMpnffEW2K7C5JxwWDv4Yn7GWK/Z5ynMXTByBMV3EWWzewzyh8g+WStItLRqqu5J7KyRWmdl6XwsFw7b1LuJGp0kSiaQHhvP3ZrgarH2Nd05FdOKRDsLL5UumAFBe8irZLS0w0n1Y2Qw0CuNXuLwmX/ZCjGRPxl0h/Q771wCR5vv+BbZl66bwGdBmWv+KIuvh5VJrAWJC/4C5rAhIskDw+BN/vrXyxkKdCo6SXhTDUobKdZrEQCMlYOZ3+OfqwfuzElAamq9Hib00VeLXedAn7sKt6MsF5ma9owFUuJcSwA1fe5lCN2FYVlHDK3PQBwm1Ddh2qNOKsqyxMJJrYhjNg==; h=Received:Received:Received:Received:Received:From:To:Cc:Subject:Date:Message-Id:X-Mailer:X-BitDefender-Scanner:X-BitDefender-Spam:X-BitDefender-SpamStamp:X-BitDefender-CF-Stamp; DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=bitdefender.com; h=from:to :cc:subject:date:message-id; s=default; bh=7dYg7y8CX7nBPXOHvcYMo +dgus0=; b=1+SDHgATxpg7A6RBM7aXfHmX8p0qQN6izLRM9uP+Ob9tvw2mMRZyF rxuZfqekXcuxyKiZsxwi26wHTOsMfLw723mVMl/IqIx14Zm+cUcA6qG5BFUsWTay KSZ5dNLSLRJ1sfeL1OJZTFOucaRpEpI94Y+ioyO2CtspT6JUw7pmEuSItdtWG6I2 PA44b3+nhW2C13rqeOO4Ogu3daSb3ePxokyoh0Sm+ENZWvqFVuLmazMLIE86vp5I GSZ0uABWpxuS7ipDqr4yX1Unmgi0OOmxUDcIaK4rvN4L8aJVAkUXhFAeaAztPTvU ib+SwEW433Jon9Ua2cn32T5vZJva5I60Q== Received: (qmail 1860 invoked from network); 18 Feb 2016 12:53:48 +0200 Received: from unknown (HELO mx-sr.buh.bitdefender.com) (10.17.80.103) by mx01.buh.bitdefender.com with AES256-GCM-SHA384 encrypted SMTP; 18 Feb 2016 12:53:48 +0200 Received: from smtp02.buh.bitdefender.net (unknown [10.17.80.76]) by mx-sr.buh.bitdefender.com (Postfix) with ESMTP id 634807FBE6 for ; Thu, 18 Feb 2016 12:53:48 +0200 (EET) Received: (qmail 28790 invoked from network); 18 Feb 2016 12:53:48 +0200 Received: from unknown (HELO czuzu-dev-vm.clj.bitdefender.biz) (czuzu@bitdefender.com@91.199.104.243) by smtp02.buh.bitdefender.net with AES128-SHA256 encrypted SMTP; 18 Feb 2016 12:53:47 +0200 From: Corneliu ZUZU To: xen-devel@lists.xen.org Date: Thu, 18 Feb 2016 12:53:43 +0200 Message-Id: <1455792823-29003-1-git-send-email-czuzu@bitdefender.com> X-Mailer: git-send-email 2.5.0 X-BitDefender-Scanner: Clean, Agent: BitDefender qmail 3.1.4 on smtp02.buh.bitdefender.net, sigver: 7.64544 X-BitDefender-Spam: No (0) X-BitDefender-SpamStamp: Build: [Engines: 2.15.6.743, Dats: 414464, Stamp: 3], Multi: [Enabled, t: (0.000007, 0.002997)], BW: [Enabled, t: (0.000006,0.000001)], RBL DNSBL: [Disabled], APM: [Enabled, Score: 500, t: (0.005023), Flags: 2A917CE3; NN_NO_CONTENT_TYPE; NN_NO_LINK_NMD; NN_LEGIT_BITDEFENDER; NN_LEGIT_S_SQARE_BRACKETS; NN_LEGIT_MAILING_LIST_TO], SGN: [Enabled, t: (0.006858)], URL: [Enabled, t: (0.000005)], RTDA: [Enabled, t: (0.037753), Hit: No, Details: v2.3.3; Id: 2m1ghdm.1abpv5gto.8jd], total: 0(775) X-BitDefender-CF-Stamp: none Cc: Andrew Cooper , Tamas K Lengyel , Keir Fraser , Jan Beulich , Razvan Cojocaru Subject: [Xen-devel] [PATCH] x86/monitor: minor left-shift undefined behavior checks X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP This minor patch adds a range-check to avoid left-shift caused undefined behavior. Also replaces '1 <<' w/ '1U <<' @ x86 monitor.h in an effort to avoid a future potential '1 << 31' that would cause a similar issue. Signed-off-by: Corneliu ZUZU Acked-by: Razvan Cojocaru --- xen/arch/x86/monitor.c | 13 +++++++++---- xen/include/asm-x86/monitor.h | 10 +++++----- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/xen/arch/x86/monitor.c b/xen/arch/x86/monitor.c index a507edb..b4bd008 100644 --- a/xen/arch/x86/monitor.c +++ b/xen/arch/x86/monitor.c @@ -32,10 +32,15 @@ int arch_monitor_domctl_event(struct domain *d, { case XEN_DOMCTL_MONITOR_EVENT_WRITE_CTRLREG: { - unsigned int ctrlreg_bitmask = - monitor_ctrlreg_bitmask(mop->u.mov_to_cr.index); - bool_t old_status = - !!(ad->monitor.write_ctrlreg_enabled & ctrlreg_bitmask); + unsigned int ctrlreg_bitmask; + bool_t old_status; + + /* sanity check: avoid left-shift undefined behavior */ + if ( unlikely(mop->u.mov_to_cr.index > 31) ) + return -EINVAL; + + ctrlreg_bitmask = monitor_ctrlreg_bitmask(mop->u.mov_to_cr.index); + old_status = !!(ad->monitor.write_ctrlreg_enabled & ctrlreg_bitmask); if ( unlikely(old_status == requested_status) ) return -EEXIST; diff --git a/xen/include/asm-x86/monitor.h b/xen/include/asm-x86/monitor.h index c789f71..f1bf4bd 100644 --- a/xen/include/asm-x86/monitor.h +++ b/xen/include/asm-x86/monitor.h @@ -40,14 +40,14 @@ static inline uint32_t arch_monitor_get_capabilities(struct domain *d) if ( !is_hvm_domain(d) || !cpu_has_vmx ) return capabilities; - capabilities = (1 << XEN_DOMCTL_MONITOR_EVENT_WRITE_CTRLREG) | - (1 << XEN_DOMCTL_MONITOR_EVENT_MOV_TO_MSR) | - (1 << XEN_DOMCTL_MONITOR_EVENT_SOFTWARE_BREAKPOINT) | - (1 << XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST); + capabilities = (1U << XEN_DOMCTL_MONITOR_EVENT_WRITE_CTRLREG) | + (1U << XEN_DOMCTL_MONITOR_EVENT_MOV_TO_MSR) | + (1U << XEN_DOMCTL_MONITOR_EVENT_SOFTWARE_BREAKPOINT) | + (1U << XEN_DOMCTL_MONITOR_EVENT_GUEST_REQUEST); /* Since we know this is on VMX, we can just call the hvm func */ if ( hvm_is_singlestep_supported() ) - capabilities |= (1 << XEN_DOMCTL_MONITOR_EVENT_SINGLESTEP); + capabilities |= (1U << XEN_DOMCTL_MONITOR_EVENT_SINGLESTEP); return capabilities; }