From: Julien Grall <julien@xen.org>
To: xen-devel@lists.xenproject.org
Cc: bertrand.marquis@arm.com, Julien Grall <jgrall@amazon.com>,
	Andrew Cooper <andrew.cooper3@citrix.com>,
	George Dunlap <george.dunlap@citrix.com>,
	Ian Jackson <iwj@xenproject.org>, Jan Beulich <jbeulich@suse.com>,
	Julien Grall <julien@xen.org>,
	Stefano Stabellini <sstabellini@kernel.org>, Wei Liu <wl@xen.org>
Subject: [PATCH 2/2] xen/gunzip: Allow perform_gunzip() to be called multiple times
Date: Fri,  2 Apr 2021 16:21:05 +0100
Message-ID: <20210402152105.29387-3-julien@xen.org>
In-Reply-To: <20210402152105.29387-1-julien@xen.org>

From: Julien Grall <jgrall@amazon.com>

Currently perform_gunzip() can only be called once because the
internal state (e.g. allocate) is not fully re-initialized.

This works fine if you are only booting dom0. But this will break when
booting multiple using the dom0less that uses compressed kernel images.

This can be resolved by re-initializing bytes_out, malloc_ptr,
malloc_count every time perform_gunzip() is called.

Note the latter is only re-initialized for hardening purposes as there is
no guarantee that every malloc() is followed by free() (It should in

Take the opportunity to check the return of alloc_heap_pages() to return
an error rather than dereferencing a NULL pointer later on failure.

Reported-by: Charles Chiou <cchiou@ambarella.com>
Signed-off-by: Julien Grall <jgrall@amazon.com>
 xen/common/gunzip.c  | 5 +++++
 xen/common/inflate.c | 6 ++++++
 2 files changed, 11 insertions(+)

diff --git a/xen/common/gunzip.c b/xen/common/gunzip.c
index db4efcd34b77..425d64e904d8 100644
--- a/xen/common/gunzip.c
+++ b/xen/common/gunzip.c
@@ -114,11 +114,16 @@ __init int perform_gunzip(char *output, char *image, unsigned long image_len)
     window = (unsigned char *)output;
     free_mem_ptr = (unsigned long)alloc_xenheap_pages(HEAPORDER, 0);
+    if ( !free_mem_ptr )
+        return -ENOMEM;
     free_mem_end_ptr = free_mem_ptr + (PAGE_SIZE << HEAPORDER);
+    init_allocator();
     inbuf = (unsigned char *)image;
     insize = image_len;
     inptr = 0;
+    bytes_out = 0;
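Review bot: the new init_allocator() call in perform_gunzip() only works because it sits after the free_mem_ptr assignment, since the helper copies free_mem_ptr into malloc_ptr; nothing in the code says so, and a later reordering would silently reset the allocator to a stale or zero base. A one-line comment above the call, or passing the heap base as an argument, would make the dependency explicit. The per-call state reset is also split between this function (inptr, bytes_out) and the helper (malloc_ptr, malloc_count); consider naming in a comment which globals each place owns so the next added static does not get missed. The -ENOMEM return is a new negative return value, so it is worth confirming that every caller treats a non-zero result as failure.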
diff --git a/xen/common/inflate.c b/xen/common/inflate.c
index f99c985d6135..d8c28a3e9593 100644
--- a/xen/common/inflate.c
+++ b/xen/common/inflate.c
@@ -238,6 +238,12 @@ STATIC const ush mask_bits[] = {
 static unsigned long INITDATA malloc_ptr;
 static int INITDATA malloc_count;
+static void init_allocator(void)
+    malloc_ptr = free_mem_ptr;
+    malloc_count = 0;
 static void *INIT malloc(int size)
     void *p;
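Review bot: init_allocator() is declared as plain "static void" while the malloc() right below it carries INIT and the two variables it writes are INITDATA. It is only called from the __init perform_gunzip(), so it should get the same INIT annotation; otherwise a non-init function is left referencing init-only data. A short comment stating that malloc_count is reset only for hardening, as the commit message explains, would also help readers who see only the code.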


Thread overview: 10+ messages
2021-04-02 15:21 [PATCH 0/2] xen/arm: Couple of bug fixes when decompressing kernels Julien Grall
2021-04-02 15:21 ` [PATCH 1/2] xen/arm: kernel: Propagate the error if we fail to decompress the kernel Julien Grall
2021-04-06 19:15   ` Julien Grall
2021-04-02 15:21 ` Julien Grall [this message]
2021-04-06  7:40   ` [PATCH 2/2] xen/gunzip: Allow perform_gunzip() to be called multiple times Jan Beulich
2021-04-07 10:39   ` Jan Beulich
2021-04-07 18:18     ` Julien Grall
2021-04-06  7:45 ` [PATCH 0/2] xen/arm: Couple of bug fixes when decompressing kernels Jan Beulich
2021-04-06 14:13   ` Julien Grall
2021-04-06 18:31 ` Julien Grall
