This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


[Xen-devel] [PATCH] xentrace: correct overflow check for number of per-c

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] [PATCH] xentrace: correct overflow check for number of per-cpu trace pages
From: Olaf Hering <olaf@xxxxxxxxx>
Date: Thu, 14 Apr 2011 17:31:19 +0200
Cc: George Dunlap <george.dunlap@xxxxxxxxxx>
Delivery-date: Thu, 14 Apr 2011 08:34:22 -0700
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; t=1302795080; l=2216; s=domk; d=aepfle.de; h=Cc:To:From:Date:Subject:Content-Transfer-Encoding:MIME-Version: Content-Type:X-RZG-CLASS-ID:X-RZG-AUTH; bh=WzlFwBYmRFSeIAqE3rs63zKqYeU=; b=SOH09WPudV1ESltMChHgL7zZxrUfTZiihNwgK6eWG01U7cpo2d1gWKyteLcSmi/MXQR jbrFwPINYdk0amimvndN72E6siBsOlPp0GsJO11wFaSMEXtlRErJoHp4gDqSDoA7izV0m GvMXjBVCFMSx0SqQaF9b9oVA6e/t3q7Rg18=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mercurial-patchbomb/1.8.1
# HG changeset patch
# User Olaf Hering <olaf@xxxxxxxxx>
# Date 1302794855 -7200
# Node ID ceb2bbced07a03d938ff2f38ee6a5b88fa3f26ef
# Parent  b5165fb66b56d9438d77b475eaa9db67318d1ea1
xentrace: correct overflow check for number of per-cpu trace pages

The calculated number of per-cpu trace pages is stored in t_info and
shared with tools like xentrace. Since its an u16 the value may overflow
because the current check is based on u32.
Using the u16 means each cpu could in theory use up to 256MB as trace
buffer. However such a large allocation will currently fail on x86 due
to the MAX_ORDER limit.
Check both max theoretical number of pages per cpu and max number of
pages reachable by struct t_buf->prod/cons variables with requested
number of pages.

Signed-off-by: Olaf Hering <olaf@xxxxxxxxx>

diff -r b5165fb66b56 -r ceb2bbced07a xen/common/trace.c
--- a/xen/common/trace.c        Thu Apr 14 14:57:24 2011 +0100
+++ b/xen/common/trace.c        Thu Apr 14 17:27:35 2011 +0200
@@ -104,25 +104,33 @@ static void calc_tinfo_first_offset(void
  * calculate_tbuf_size - check to make sure that the proposed size will fit
  * in the currently sized struct t_info and allows prod and cons to
  * reach double the value without overflow.
+ * The t_info layout is fixed and cant be changed without breaking xentrace.
  * Initialize t_info_pages based on number of trace pages.
 static int calculate_tbuf_size(unsigned int pages)
-    struct t_buf dummy;
-    typeof(dummy.prod) size;
+    struct t_buf dummy_size;
+    typeof(dummy_size.prod) max_size;
+    struct t_info dummy_pages;
+    typeof(dummy_pages.tbuf_size) max_pages;
     unsigned int t_info_words;
     /* force maximum value for an unsigned type */
-    size = -1;
+    max_size = -1;
+    max_pages = -1;
     /* max size holds up to n pages */
-    size /= PAGE_SIZE;
-    if ( pages > size )
+    max_size /= PAGE_SIZE;
+    if ( max_size < max_pages )
+        max_pages = max_size;
+    if ( pages > max_pages )
         printk(XENLOG_INFO "xentrace: requested number of %u pages "
                "reduced to %u\n",
-               pages, (unsigned int)size);
-        pages = size;
+               pages, max_pages);
+        pages = max_pages;
     t_info_words = num_online_cpus() * pages * sizeof(uint32_t);

Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>