From: Ahmed S. Darwish <darwi@linutronix.de>
Date: Tue, 8 Apr 2025 07:37:38 +0000 (+0200)
Subject: x86/cpu: Validate CPUID leaf 0x2 EDX output
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=a47b44a8f0a58a6015faf6465921cd203f0b51d1;p=xen.git

x86/cpu: Validate CPUID leaf 0x2 EDX output

CPUID leaf 0x2 emits one-byte descriptors in its four output registers
EAX, EBX, ECX, and EDX.  For these descriptors to be valid, the most
significant bit (MSB) of each register must be clear.

Leaf 0x2 parsing at intel.c only validated the MSBs of EAX, EBX, and
ECX, but left EDX unchecked.

Validate EDX's most-significant bit as well.

Fixes: 1aa6feb63bfd ("Port CPU setup code from Linux 2.6")
Signed-off-by: Ahmed S. Darwish <darwi@linutronix.de>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Link: https://lore.kernel.org/r/20250304085152.51092-3-darwi@linutronix.de

Use ARRAY_SIZE() though.

Origin: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 1881148215c6
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
---

diff --git a/xen/arch/x86/cpu/intel_cacheinfo.c b/xen/arch/x86/cpu/intel_cacheinfo.c
index 9cfb759be0..e88faa7545 100644
--- a/xen/arch/x86/cpu/intel_cacheinfo.c
+++ b/xen/arch/x86/cpu/intel_cacheinfo.c
@@ -186,7 +186,7 @@ void init_intel_cacheinfo(struct cpuinfo_x86 *c)
 			cpuid(2, &regs[0], &regs[1], &regs[2], &regs[3]);
 
 			/* If bit 31 is set, this is an unknown format */
-			for ( j = 0 ; j < 3 ; j++ ) {
+			for ( j = 0; j < ARRAY_SIZE(regs); j++ ) {
 				if ( regs[j] >> 31 )
 					regs[j] = 0;
 			}