On 18.12.2019 09:06, Alexandru Stefan ISAILA wrote: > On 17.12.2019 18:50, Jan Beulich wrote: >> On 17.12.2019 16:12, Alexandru Stefan ISAILA wrote: >>> --- a/xen/arch/x86/mm/mem_access.c >>> +++ b/xen/arch/x86/mm/mem_access.c >>> @@ -367,10 +367,11 @@ long p2m_set_mem_access(struct domain *d, gfn_t gfn, >>> uint32_t nr, >>> if ( altp2m_idx ) >>> { >>> if ( altp2m_idx >= MAX_ALTP2M || >>> - d->arch.altp2m_eptp[altp2m_idx] == mfn_x(INVALID_MFN) ) >>> + d->arch.altp2m_eptp[array_index_nospec(altp2m_idx, MAX_EPTP)] >>> == >> >> The bounds check is against MAX_ALTP2M. Both MAX_ values look to be >> independent, which means bounds check and value passed to the >> helper need to match up (not just here). > > I will have both checks against MAX_ALTP2M.
An alternative would be something along the lines of if ( altp2m_idx >= min(MAX_ALTP2M, MAX_EPTP) || Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel