The way XEN_DOMCTL_set_cpuid got handled so far allowed for surprises
to the caller. With this set of operations
- set leaf A (using array index 0)
- set leaf B (using array index 1)
- clear leaf A (clearing array index 0)
- set leaf B (using array index 0)
- clear leaf B (clearing array index 0)
the entry for leaf B at array index 1 would still be in place, while
the caller would expect it to be cleared.
While looking at the use sites of d->arch.cpuid[] I also noticed that
the allocation of the array needlessly uses the zeroing form - the
relevant fields of the array elements get set in a loop immediately
following the allocation.
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Tim Deegan <tim@xen.org>
master commit:
4c0ff6bd54b5a67f8f820f9ed0a89a79f1a26a1c
master date: 2014-05-02 12:09:03 +0200
if ( !is_idle_domain(d) )
{
- d->arch.cpuids = xzalloc_array(cpuid_input_t, MAX_CPUID_INPUT);
+ d->arch.cpuids = xmalloc_array(cpuid_input_t, MAX_CPUID_INPUT);
rc = -ENOMEM;
if ( d->arch.cpuids == NULL )
goto fail;
{
struct domain *d;
xen_domctl_cpuid_t *ctl = &domctl->u.cpuid;
- cpuid_input_t *cpuid = NULL;
+ cpuid_input_t *cpuid, *unused = NULL;
int i;
ret = -ESRCH;
if ( d == NULL )
break;
- for ( i = 0; i < MAX_CPUID_INPUT; i++ )
+ for ( ret = i = 0; i < MAX_CPUID_INPUT; i++ )
{
cpuid = &d->arch.cpuids[i];
if ( cpuid->input[0] == XEN_CPUID_INPUT_UNUSED )
- break;
+ {
+ if ( !unused )
+ unused = cpuid;
+ continue;
+ }
if ( (cpuid->input[0] == ctl->input[0]) &&
((cpuid->input[1] == XEN_CPUID_INPUT_UNUSED) ||
break;
}
- if ( i == MAX_CPUID_INPUT )
- {
- ret = -ENOENT;
- }
+ if ( i < MAX_CPUID_INPUT )
+ *cpuid = *ctl;
+ else if ( unused )
+ *unused = *ctl;
else
- {
- memcpy(cpuid, ctl, sizeof(cpuid_input_t));
- ret = 0;
- }
+ ret = -ENOENT;
rcu_unlock_domain(d);
}
projects / xen.git / commitdiff