From patchwork Wed Nov 6 08:05:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mykyta Poturai X-Patchwork-Id: 13863981 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 96475D29FB8 for ; Wed, 6 Nov 2024 08:05:59 +0000 (UTC) Received: from list by lists.xenproject.org with outflank-mailman.830598.1245653 (Exim 4.92) (envelope-from ) id 1t8b2g-0002Kl-36; Wed, 06 Nov 2024 08:05:30 +0000 X-Outflank-Mailman: Message body and most headers restored to incoming version Received: by outflank-mailman (output) from mailman id 830598.1245653; Wed, 06 Nov 2024 08:05:30 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1t8b2f-0002Ke-WD; Wed, 06 Nov 2024 08:05:30 +0000 Received: by outflank-mailman (input) for mailman id 830598; Wed, 06 Nov 2024 08:05:28 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1t8b2e-0002KX-Jw for xen-devel@lists.xenproject.org; Wed, 06 Nov 2024 08:05:28 +0000 Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on20605.outbound.protection.outlook.com [2a01:111:f403:2613::605]) by se1-gles-flk1.inumbo.com (Halon) with ESMTPS id df8ddcb7-9c15-11ef-99a3-01e77a169b0f; Wed, 06 Nov 2024 09:05:23 +0100 (CET) Received: from PAVPR03MB10102.eurprd03.prod.outlook.com (2603:10a6:102:30d::12) by DBAPR03MB6392.eurprd03.prod.outlook.com (2603:10a6:10:192::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8137.19; Wed, 6 Nov 2024 08:05:20 +0000 Received: from PAVPR03MB10102.eurprd03.prod.outlook.com ([fe80::35ac:8893:c31c:b971]) by PAVPR03MB10102.eurprd03.prod.outlook.com ([fe80::35ac:8893:c31c:b971%6]) with mapi id 15.20.8114.028; Wed, 6 Nov 2024 08:05:19 +0000 X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: df8ddcb7-9c15-11ef-99a3-01e77a169b0f X-Custom-Connection: eyJyZW1vdGVpcCI6IjJhMDE6MTExOmY0MDM6MjYxMzo6NjA1IiwiaGVsbyI6IkVVUjA1LVZJMS1vYmUub3V0Ym91bmQucHJvdGVjdGlvbi5vdXRsb29rLmNvbSJ9 X-Custom-Transaction: eyJpZCI6ImRmOGRkY2I3LTljMTUtMTFlZi05OWEzLTAxZTc3YTE2OWIwZiIsInRzIjoxNzMwODgwMzIzLjUyMzg0OSwic2VuZGVyIjoibXlreXRhX3BvdHVyYWlAZXBhbS5jb20iLCJyZWNpcGllbnQiOiJ4ZW4tZGV2ZWxAbGlzdHMueGVucHJvamVjdC5vcmcifQ== ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Ap00gm3mPYT9snOiWYVhUFaatO7l4FNowGNkOLER71OeihbI5nqtHSVaddIB63Fgi7+/eoODMx9451XefuQ5J7CkpUM43c/inP6bXGrxviB4+2REUXNGK6HwvV6ICYiIMfjjANyj4PwNfJ2ttorcenWe9kIZj2BEGm/ElZzN112pshJXMMh5HhMp3F3HwA7nWstx7MQbWGuU5KqqBW9XK8Y+Z1mZJLpiLs9ecbdvmK2QaGAhS2XBlNOTctszySyZ1saBtlAlCMtkHD30HcrRjok4BuWLOg5SZCKOIoK9uuqhYBGBpjxxS5UvlGcXNepqenyIYC/3AB5rOkmA4fZftw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Pn7wSdWlSZGzjxlyLqWviHvXcweDVYrt/uwijGWzxoY=; b=vQycoSpeTCT9hVW0yvThGLjuYCQOzNTVtkREeErYCroewT9Zfj7LBC016fUYGI5FmNyU9uYvQJap5ew4xk1Cox/4Pv2QW0gUAmeExBf0dO9+mHczVcThJpKzQecFdoMf/5p4sArK9uB0PPCRj77qdTJqbvw6JJDwRUYhDrs/VVTi0Na8ez1GyJ7yr8IB5W6Z10wC5vhKW5K9nnzFGBn2toGiQvPT0+SpwkRAudUBE0m8WsT3SHbfO56pH74/uzQy3SB9FrK3cY9iRtXQNxocoXFC5WcouQJtR25UBACDTIy5rRhYYlE0Sb3aXotv0KTNjI1kBWznCiI570kBgKJ1ww== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Pn7wSdWlSZGzjxlyLqWviHvXcweDVYrt/uwijGWzxoY=; b=DnpEM8qayArSNIuAlpQa3RQcoaigbNJjFlAib8/8Pd7NJcS1hOk8EDbcpNvjjBWvl3LhoCtowrLBWaUJJ28KNPiJwDF+Mg322EuFUHtTmXsJ9GSOa3hKRlfR0vFPmoxXxntkwJlXvdNsknCFrAGP1kR6AbpNfBdFED4qgpN+oivXKWMOj8s7/K7C7I48zWNATq2o15xzcZ2oNLTVT6Rtv6eyp5gIkR5MKjCu4RPjk8AyOFbI3U9CT576XCfGauLjR/4y2M4AxzwryfT4y4pAENdJtKbRvPtmA2G0DQw2eNYDTRNP/jIb9zhjIj89K1eecLfzXT7Am2BaWpMHszMSjg== From: Mykyta Poturai To: "xen-devel@lists.xenproject.org" CC: Mykyta Poturai , =?iso-8859-1?q?Roger_Pau_Monn?= =?iso-8859-1?q?=E9?= Subject: [XEN PATCH] xen/vpci: Fix UB in mask_write Thread-Topic: [XEN PATCH] xen/vpci: Fix UB in mask_write Thread-Index: AQHbMCKf4QVge+H9k02dX4ZlwzpGqA== Date: Wed, 6 Nov 2024 08:05:19 +0000 Message-ID: <559dfac91b8f097bc59c4de194fd2ae2b5b4144c.1730880005.git.mykyta_poturai@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PAVPR03MB10102:EE_|DBAPR03MB6392:EE_ x-ms-office365-filtering-correlation-id: 4bd54490-b9b6-41b5-03fc-08dcfe39c1d7 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|366016|376014|1800799024|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?q?/9ruNTZZFrF5oXayaD81E5yJPH?= =?iso-8859-1?q?Ag+DW5oqI1L8l0+dIdNx50ByMyXjOZpbDqnATnEkrjVcjzmhP11OO6PNAubL?= =?iso-8859-1?q?cXyABjrNiuZMXUCE8MBSCDTbYF6MojSk2KEPv64d9Dq0eCnWPl+J/M6oviss?= =?iso-8859-1?q?Rh+p7jxcBKIVE4feB1cncM8DdLI2Rd5qWqc+yLe5c/tcik4RgXKcIqapfJ3k?= =?iso-8859-1?q?wo4c05Rx41lKtK4Dk6UdsxLAd2ScsJwc8W5TSJfCDGClPGIj+WD039FJq+xp?= =?iso-8859-1?q?0y8Ji+nak1jVWY+Gs+horX6cKja1h0307LRlC+i9pfgOpGX8jqXrNxXtrYhL?= =?iso-8859-1?q?LvwM4FLQUi7DYR5bvz3uwUkjs8Fl55vDIAAw91WMy4o5UkWUvhyADByBj/fd?= =?iso-8859-1?q?nuRBI/RdI6Onso/lzoaxV/t3lH8lNXbOcao7qjSB57sa5RiPsXv//AYwuV36?= =?iso-8859-1?q?qHYlNItVoCenDHRYQX/icsTQPIh+SWHYSdH4HcRhln/A1T5vzEwPZTHwMzjz?= =?iso-8859-1?q?ol0tddAhEjMJ1E+VlOngitMJJKZqB8TFxCOryAsn9bxhvtFvajhL8cjUmm4h?= =?iso-8859-1?q?JZeFm1KWL9aP6LZ8C8Xy5sONKyY9o/T92sh+NTJ4rd4eYh2W31J8W5Gp/OKg?= =?iso-8859-1?q?U8L/W7EwSmZH1wvq68PCwsAfgomxMMnMyBBhX7sVIIE3G9WyB3pNdRrvUsT7?= =?iso-8859-1?q?Zn/BOHGLytxkiqTgFFy+bRqDxtbY7CmduiKj4tuhDIUnN0HDkgtTVpnT2Cnj?= =?iso-8859-1?q?RjuHwI9HBJjFMUQZjHkGQLRTDuZwxKL1M4imyoYp0ua4S5E0FU5HA1XHxW2k?= =?iso-8859-1?q?wKzrR7rQIxJPDSGANv+pOqN8r7kdx5Vab2Cr3O+slpMK2L5CHexJ8MBPrclq?= =?iso-8859-1?q?Q63CcaOuQAjvvqhIlva1Z/NPEERe4bVxpkCkUlt6Vo71oVAA7NSO01tIAamv?= =?iso-8859-1?q?uh608OwL27j99Bfnnj+sDefQRSUwrhFtHTp7CQ8GEBC4wCFnEDTadnm6r8D4?= =?iso-8859-1?q?3FKekU/u1f4ivomDMYyzEn+myxpKfso/0RFmuqZUbkw6LpmIBA3DL28eH7EE?= =?iso-8859-1?q?NVeRTq+OCY6OzCgYBIL1pS/UUKyZ/aJl+je9HF10L7JknYD5PGVM2bfDV0iT?= =?iso-8859-1?q?M9MRfnWPuvuy4vbFIsFjY/tps8i8+jQCahg8GnNewc7D4A7740+ejAgPaCqW?= =?iso-8859-1?q?6Rrj57ywLGf2DyBnBep25rSX+DIubQPXlao6xtpsTlmI6ibgw5v1Q+RBJgiL?= =?iso-8859-1?q?EIy8bnV2IG6qpP/IzYpANkzubj56DPME//SCW+vZe7jyUDyIPHsLps3AXe1Q?= =?iso-8859-1?q?u1WwEMqLIieEg4i4+eMk+u1fuYML01/oalYqbL+0Rpr2fVqr22hWmQQkEe+0?= =?iso-8859-1?q?F6ZLGS0qK39hngwciwPhAlCjzrfnr+0N+rEirV9ro=3D?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PAVPR03MB10102.eurprd03.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?+YRCoEDfla31ikfxBKZ5aR3?= =?iso-8859-1?q?BNEH/Nl/YVSXVHErzp9k6wKkae7MBDvqW2fGHsANpUl2l2oCt7RGN5x+7EN0?= =?iso-8859-1?q?xRTeuSNQsCUgNNf23etTOnmGh5gOiWG4h7TUAlf1tABdP7SG3SzCv6WLACwX?= =?iso-8859-1?q?GFxgzclEEpa04r3/2nntN7l8GXC61c7/XmGMIIDd1PvRupZ49nExAMpyeP++?= =?iso-8859-1?q?3vn1KDOCNSkNVutyQfb/uUxG2TU9yvur7FEbVKvVqJhy8GP2DcPFXFJ6oBlD?= =?iso-8859-1?q?8ZmPtoA5Q/vm+wNZ2WvtXv8BzlUAb1ZKj8PHW9jq+po5HjZy9+JDWxPMVaBZ?= =?iso-8859-1?q?kPq6oRGoGzAqs79+NKrxj8umJNbIEJa8za/iVg9QHD0KGPbGdAwujVRMrkQ4?= =?iso-8859-1?q?XiDlw59y5TH3gRl2VfT+GMXih/ofHKC2xIxVRFyfbZ75+ZY3dI+Cz16l8fDB?= =?iso-8859-1?q?BH9mZgT7n91oLI0A9QkzEpBfIm6FxlGKmygLukYH8fGw7k7PfP73WXEdayuE?= =?iso-8859-1?q?M768ITe4iAhbU0njBWyHJns3bHmtCVkvcCLQugK+aQ/gUplO6uUfR32Bf+RH?= =?iso-8859-1?q?4txCdj1aWMqB3uyJwVHa6x9Tn76vOcGXGA9AQfBE/BSmzNilYQd/+TqhIz10?= =?iso-8859-1?q?XGkpIf9N3hopWpeF/Wa8+03bgU/pUhV3nw22h6+dsH5f1D/RsuFiL94UC3Tq?= =?iso-8859-1?q?TFvoSA+yxukzbFdLONpMm/70Fj6kS3IPVFU/XWLrmj5BYbK8oDnaQQ1yf+I3?= =?iso-8859-1?q?61wDwi9tdWF7JL4UqsU9xf4gBASuZfy3zjUVXHcJbQCR+FFBY6bGi/gGQ6i8?= =?iso-8859-1?q?2GumjqUTy7VBwJ0PT5eFQ0jIYC4uVErZpkh+gJ8geDvB3wXmnipbucbzrSYA?= =?iso-8859-1?q?dzhQt6LnQy7F5DMD1F90bX/5/HTKGcnPtGG63piNGXFoxgiLVD8fHAjgTpgI?= =?iso-8859-1?q?7lzTpfFyc7tENoFsY71ChiuwJ7BKGC5Dw0qDvDNRkN1+3D6zc1QPJ5EmiUWl?= =?iso-8859-1?q?IFLGhWefFm2EClk05Lnbll2H9HhDnD3LOuC0lFg4jE23FMWUdU//vZpeujA5?= =?iso-8859-1?q?cAHNfYlI6NOtQfreP4vcYnbSu55l2CFH8qAtJg1xU4ZYrsQJnnL/rsdp7rX7?= =?iso-8859-1?q?+MKlZgRd5+JoFWSwgMbqWqll+1N1YvgvzHDip/s+t9jCgcvSaYWOEFcpS/kl?= =?iso-8859-1?q?u3NpsX51UeK+0GJYfXY+6MjWFiLQ0Bz/xVaB2GqsYoIqBbPz1NEQTSbATKsR?= =?iso-8859-1?q?RiqPL+IQieFcxDVzHq36s71EUJIq9NyrbIlg97NrPwiqaIrO6cp5KIOEddEI?= =?iso-8859-1?q?WgjaRO18Tdzk+Qw/fe00ZRDNSm8igooHAWn37XVr3/2DNIVAZXQ9i/84K2ng?= =?iso-8859-1?q?HnjImTz4JF4IB3+IrljAk3iTqSdzCVNNu0Lqyc+zY6r0yQOhX1S338J/ui0M?= =?iso-8859-1?q?rSZw1AixohwNv3alrLn2FSjN7ZzasT9vNtmR5x/mFnwo89UGGnUCcbNBcePd?= =?iso-8859-1?q?ZqDF3PA3MmaayrHjZ3ay0SVdIIoLxorq9EM5pk2pMwnzva9jyukgsBow1W0c?= =?iso-8859-1?q?5DMqHQVOKCRdb25Gr51utELWQndVGzdZKmvF3fr640SGwTsil+aVuWq6Fsie?= =?iso-8859-1?q?uFv9yymt8dr4WMkXzT09dzA379uuUAkrM9nhLFg=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PAVPR03MB10102.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4bd54490-b9b6-41b5-03fc-08dcfe39c1d7 X-MS-Exchange-CrossTenant-originalarrivaltime: 06 Nov 2024 08:05:19.8212 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: AdXTMO7xQ+RXl/b10ch7gf9QFcvHev3tZwBgqVXgLLw7+YRZ+ZbjN+kSiUllxszbNutTeldAkXA/TYNAWfApSw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6392 During the construction of dmask value, it gets shifted by (32 - msi->vectors) bits. If msi->vectors is 0, the result of the shift becomes undefined due to shifting by a size of the type. While this works fine on x86, on ARM the resulting mask becomes 0xFFFFFFFF, which is incorrect. Fix this by adding an explicit check for msi->vectors == 0. Signed-off-by: Mykyta Poturai --- xen/drivers/vpci/msi.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xen/drivers/vpci/msi.c b/xen/drivers/vpci/msi.c index 7bda47e7fc..787296fd42 100644 --- a/xen/drivers/vpci/msi.c +++ b/xen/drivers/vpci/msi.c @@ -172,7 +172,7 @@ static void cf_check mask_write( struct vpci_msi *msi = data; uint32_t dmask = msi->mask ^ val; - if ( !dmask ) + if ( !dmask || msi->vectors == 0 ) return; if ( msi->enabled )