1d11625a98
521c6d4a-x86-don-t-allow-Dom0-access-to-the-MSI-address-range.patch 521c6d6c-x86-don-t-allow-Dom0-access-to-the-HT-address-range.patch 521c6e23-x86-Intel-add-support-for-Haswell-CPU-models.patch 521db25f-Fix-inactive-timer-list-corruption-on-second-S3-resume.patch 521e1156-x86-AVX-instruction-emulation-fixes.patch 521ef8d9-AMD-IOMMU-add-missing-checks.patch 52205a7d-hvmloader-smbios-Correctly-count-the-number-of-tables-written.patch 52205a90-public-hvm_xs_strings.h-Fix-ABI-regression-for-OEM-SMBios-strings.patch 52205e27-x86-xsave-initialization-improvements.patch 5226020f-xend-handle-extended-PCI-configuration-space-when-saving-state.patch 52260214-xend-fix-file-descriptor-leak-in-pci-utilities.patch 52285317-hvmloader-fix-SeaBIOS-interface.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=271
30 lines
1.2 KiB
Diff
30 lines
1.2 KiB
Diff
# Commit 3785d30efe8264b899499e0883b10cc434bd0959
|
|
# Date 2013-08-29 09:31:37 +0200
|
|
# Author Jan Beulich <jbeulich@suse.com>
|
|
# Committer Jan Beulich <jbeulich@suse.com>
|
|
AMD IOMMU: add missing check
|
|
|
|
We shouldn't accept IVHD tables specifying IO-APIC IDs beyond the limit
|
|
we support (MAX_IO_APICS, currently 128).
|
|
|
|
Signed-off-by: Jan Beulich <jbeulich@suse.com>
|
|
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
|
|
Acked-by: Suravee Suthikulpanit <suravee.suthikulapanit@amd.com>
|
|
|
|
--- 2013-08-30.orig/xen/drivers/passthrough/amd/iommu_acpi.c 2013-08-30 13:48:36.000000000 +0200
|
|
+++ 2013-08-30/xen/drivers/passthrough/amd/iommu_acpi.c 2013-09-06 13:49:07.000000000 +0200
|
|
@@ -674,6 +674,13 @@ static u16 __init parse_ivhd_device_spec
|
|
if ( IO_APIC_ID(apic) != special->handle )
|
|
continue;
|
|
|
|
+ if ( special->handle >= ARRAY_SIZE(ioapic_sbdf) )
|
|
+ {
|
|
+ printk(XENLOG_ERR "IVHD Error: IO-APIC %#x entry beyond bounds\n",
|
|
+ special->handle);
|
|
+ return 0;
|
|
+ }
|
|
+
|
|
if ( ioapic_sbdf[special->handle].pin_2_idx )
|
|
{
|
|
if ( ioapic_sbdf[special->handle].bdf == bdf &&
|