On 13/09/16 09:23, Jan Beulich wrote:
>>>> On 12.09.16 at 18:21, <andrew.coop...@citrix.com> wrote:
>> Without checking the size input, the memcpy() for the uncompressed path might
>> read off the end of the vcpu's xsave_area. Both callers pass the appropriate
>> size, so hold them to it with a BUG_ON().
>>
>> The compressed path is currently dead code, but its attempt to avoid leaking
>> uninitialised data was incomplete. Work around this by zeroing the whole rest
>> of the buffer before decompression.
>>
>> The loop skips all bits which aren't set in xstate_bv, meaning that the
>> memset() was dead code. The logic is more obvious with get_xsave_addr()
>> expanded inline, allowing for quite a lot of simplification, including all the
>> NULL pointer logic.
>>
>> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
> Reviewed-by: Jan Beulich <jbeul...@suse.com>
> with one suggestion:
>
>> void expand_xsave_states(struct vcpu *v, void *dest, unsigned int size)
>> {
>> struct xsave_struct *xsave = v->arch.xsave_area;
>> + const void *src;
> I think with the addition of this variable and the removal of the use of
> get_xsave_addr() "xsave" can now also be const.

So it can. Done.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
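
The compressed-path handling described in the quoted commit message, as an added example (not code from the patch or from Xen): a toy expander that zeroes the whole rest of the destination before copying and skips components whose bit is clear in xstate_bv. The component table, `expand()` and its parameters are constructed for illustration; real offsets and sizes come from CPUID, and the compacted format's optional 64-byte alignment is ignored.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HDR_END   576u  /* 512-byte legacy area + 64-byte XSAVE header */
#define FULL_SIZE 712u  /* end of the last component in the sample layout */

/* Constructed layout for components 2..4; real values come from CPUID. */
static const struct { unsigned int bit, off, len; } layout[] = {
    { 2, 576, 16 }, { 3, 640, 8 }, { 4, 704, 8 },
};

/* Expand a compacted image into the fixed-offset layout. Returns 0, or -1
 * on a size mismatch (the patch uses BUG_ON() for the destination size). */
int expand(const uint8_t *src, unsigned int src_len, uint64_t xcomp_bv,
           uint64_t xstate_bv, uint8_t *dest, unsigned int size)
{
    unsigned int i, pos = HDR_END;

    if (size != FULL_SIZE || src_len < HDR_END)
        return -1;

    /* Copy legacy area + header, then zero the whole rest of the buffer so
     * regions of skipped components never keep the caller's stale bytes. */
    memcpy(dest, src, HDR_END);
    memset(dest + HDR_END, 0, size - HDR_END);

    for (i = 0; i < sizeof(layout) / sizeof(layout[0]); i++) {
        uint64_t mask = 1ull << layout[i].bit;
        if (!(xcomp_bv & mask))
            continue;              /* no slot in the compacted image */
        if (layout[i].len > src_len - pos)
            return -1;             /* slot would run off the end of src */
        if (xstate_bv & mask)      /* in use: copy; otherwise stays zero */
            memcpy(dest + layout[i].off, src + pos, layout[i].len);
        pos += layout[i].len;      /* slots are packed back to back */
    }
    return 0;
}

int main(void)
{
    uint8_t src[600] = { 0 }, dest[FULL_SIZE];
    memset(src + 592, 0xBB, 8);          /* constructed component 4 payload */
    memset(dest, 0xCC, sizeof(dest));    /* stale data in caller's buffer */
    int rc = expand(src, 600, 0x14, 0x10, dest, FULL_SIZE);
    printf("%d %d %d\n", rc, dest[640], dest[704]);
    return 0;
}
```

Component 2 has a slot in the compacted image but is not in use, and component 3 has no slot at all; both regions come out zeroed rather than holding the 0xCC filler.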