Coverity identified some new issues in the recently commit kexec changes. The other new kexec related issues (e.g. CID 1128572: Reliance on integer endianness (INCOMPATIBLE_CAST)) are believed to be coverity being confused by the underlying atomic_read()/atomic_write() and getting its types wrong. David
David Vrabel
2013-Nov-13 14:43 UTC
[PATCH 1/2] kexec: fix kexec_lock use in kexec_swap_images()
From: David Vrabel <david.vrabel@citrix.com>
CID 1128573
If a bad image type is supplied in a KEXECOP_unload hypercall, the
kexec_lock in kexec_swap_images() was left locked, causing a deadlock
on a subsequent image load or unload.
The kexec_lock is only required to serialize the swap operation
itself.
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
---
xen/common/kexec.c | 7 ++-----
1 files changed, 2 insertions(+), 5 deletions(-)
diff --git a/xen/common/kexec.c b/xen/common/kexec.c
index 9999bab..17f3ed7 100644
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
@@ -785,17 +785,14 @@ static int kexec_swap_images(int type, struct kexec_image
*new,
*old = NULL;
- spin_lock(&kexec_lock);
-
if ( test_bit(KEXEC_FLAG_IN_PROGRESS, &kexec_flags) )
- {
- spin_unlock(&kexec_lock);
return -EBUSY;
- }
if ( kexec_load_get_bits(type, &base, &bit) )
return -EINVAL;
+ spin_lock(&kexec_lock);
+
pos = (test_bit(bit, &kexec_flags) != 0);
old_slot = base + pos;
new_slot = base + !pos;
--
1.7.2.5
David Vrabel
2013-Nov-13 14:43 UTC
[PATCH 2/2] kexec: fail image loads if the page tables cannot be built
From: David Vrabel <david.vrabel@citrix.com>
CID 1128566
If an image source page is allocated in kimage_alloc_page() but the
machine_kexec_add_page() fails, the image may appear to load
succesfully but it will not execute. The relocation will fault
(rebooting the host) when trying to copy the source page, as it is not
mapped.
Signed-off-by: David Vrabel <david.vrabel@citrix.com>
---
xen/common/kimage.c | 9 ++++++++-
1 files changed, 8 insertions(+), 1 deletions(-)
diff --git a/xen/common/kimage.c b/xen/common/kimage.c
index 5c3e3b3..91943f1 100644
--- a/xen/common/kimage.c
+++ b/xen/common/kimage.c
@@ -592,6 +592,7 @@ static struct page_info *kimage_alloc_page(struct
kexec_image *image,
*/
struct page_info *page;
paddr_t addr;
+ int ret;
/*
* Walk through the list of destination pages, and see if I have a
@@ -656,7 +657,13 @@ static struct page_info *kimage_alloc_page(struct
kexec_image *image,
}
}
found:
- machine_kexec_add_page(image, page_to_maddr(page), page_to_maddr(page));
+ ret = machine_kexec_add_page(image, page_to_maddr(page),
+ page_to_maddr(page));
+ if ( ret < 0 )
+ {
+ free_domheap_page(page);
+ return NULL;
+ }
return page;
}
--
1.7.2.5
On 13/11/13 14:43, David Vrabel wrote:> Coverity identified some new issues in the recently commit kexec > changes. > > The other new kexec related issues (e.g. CID 1128572: Reliance on > integer endianness (INCOMPATIBLE_CAST)) are believed to be coverity > being confused by the underlying atomic_read()/atomic_write() and > getting its types wrong. > > David >Both Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>> _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > http://lists.xen.org/xen-devel