>>> On 12.09.16 at 18:21, <andrew.coop...@citrix.com> wrote:
> Without checking the size input, the memcpy() for the uncompressed path might
> read off the end of the vcpu's xsave_area. Both callers pass the approprite
> size, so hold them to it with a BUG_ON().
>
> The compressed path is currently dead code, but its attempt to avoid leaking
> uninitalised data was incomplete. Work around this by zeroing the whole rest
> of the buffer before decompression.
>
> The loop skips all bits which aren't set in xstate_bv, meaning that the
> memset() was dead code. The logic is more obvious with get_xsave_addr()
> expanded inline, allowing for quite a lot of simplification, including all the
> NULL pointer logic.
>
> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
Reviewed-by: Jan Beulich <jbeul...@suse.com>
with one suggestion:
> void expand_xsave_states(struct vcpu *v, void *dest, unsigned int size)
> {
> struct xsave_struct *xsave = v->arch.xsave_area;
> + const void *src;
I think with the addition of this variable and the removal of the use of
get_xsave_addr() "xsave" can now also be const.
Jan
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
