When querying CPU topology, if caller-provided array size is smaller than
number of online CPUs then, in addition to returning -ENOBUFS, sysctl is
expected to provide back this number. However, this value, stored in 'i',
is overwritten in the subsequent loop's control statement.
Make sure we don't do this by converting the loop to 'while'.
Signed-off-by: Boris Ostrovsky <boris.ostrov...@oracle.com>
Reported-by: Andrew Cooper <andrew.coop...@citrix.com>
---
xen/common/sysctl.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/xen/common/sysctl.c b/xen/common/sysctl.c
index a8c629f..b83d230 100644
--- a/xen/common/sysctl.c
+++ b/xen/common/sysctl.c
@@ -338,8 +338,10 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t)
u_sysctl)
ret = -ENOBUFS;
i = num_cpus;
}
+ else
+ i = 0;
- for ( i = 0; i < num_cpus; i++ )
+ while ( i < num_cpus )
{
xen_sysctl_cputopo_t cputopo;
@@ -363,6 +365,8 @@ long do_sysctl(XEN_GUEST_HANDLE_PARAM(xen_sysctl_t)
u_sysctl)
ret = -EFAULT;
break;
}
+
+ i++;
}
}
else
--
1.7.1
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
