From: Wei Liu <wei.liu2@citrix.com>
Date: Wed, 26 Sep 2018 10:52:54 +0000 (+0100)
Subject: x86: make sure module array is large enough in pvh-boot.c
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=c88397db5c3fa5e52da05234fba046bda075af29;p=people%2Fiwj%2Fxen.git

x86: make sure module array is large enough in pvh-boot.c

The relocation code in __start_xen requires one extra element in the
module array. By the looks of it the temporary array is already large
enough. Panic if that's not the case.

While at it, turn an ASSERT to panic() as well.

Signed-off-by: Wei Liu <wei.liu2@citrix.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
---

diff --git a/xen/arch/x86/guest/pvh-boot.c b/xen/arch/x86/guest/pvh-boot.c
index 0e9e5bfdf6..6e81b32b92 100644
--- a/xen/arch/x86/guest/pvh-boot.c
+++ b/xen/arch/x86/guest/pvh-boot.c
@@ -42,7 +42,17 @@ static void __init convert_pvh_info(void)
     module_t *mod;
     unsigned int i;
 
-    ASSERT(pvh_info->magic == XEN_HVM_START_MAGIC_VALUE);
+    if ( pvh_info->magic != XEN_HVM_START_MAGIC_VALUE )
+        panic("Magic value is wrong: %x\n", pvh_info->magic);
+
+    /*
+     * Temporary module array needs to be at least one element bigger than
+     * required. The extra element is used to aid relocation. See
+     * arch/x86/setup.c:__start_xen().
+     */
+    if ( ARRAY_SIZE(pvh_mbi_mods) <= pvh_info->nr_modules )
+        panic("The module array is too small, size %zu, requested %u\n",
+              ARRAY_SIZE(pvh_mbi_mods), pvh_info->nr_modules);
 
     /*
      * Turn hvm_start_info into mbi. Luckily all modules are placed under 4GB