From 5327d059a267e97a47f9096eef65e3d12cc16ece Mon Sep 17 00:00:00 2001
From: Dylan Reid <dgreid@chromium.org>
Date: Fri, 17 Nov 2017 13:48:48 -0800
Subject: [PATCH] mptable: Fix range check and unit tests

The table grew with the addition of the 16 mpc_intsrc structures.
Correct the `compute_mp_size` function, the end check, and add a unit
test for the not having enough memory.

Change-Id: I1ff268629a47a422f50aefef9d6aa95121b94d59
Signed-off-by: Dylan Reid <dgreid@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/777710
Reviewed-by: Slava Malyugin <slavamn@google.com>
Reviewed-by: Zach Reizner <zachr@chromium.org>
---
 x86_64/src/mptable.rs | 29 +++++++++++++++++++++--------
 1 file changed, 21 insertions(+), 8 deletions(-)

diff --git a/x86_64/src/mptable.rs b/x86_64/src/mptable.rs
index a06dcbedf5..e5ab03ee7f 100644
--- a/x86_64/src/mptable.rs
+++ b/x86_64/src/mptable.rs
@@ -76,7 +76,9 @@ fn mpf_intel_compute_checksum(v: &mpf_intel) -> u8 {
 fn compute_mp_size(num_cpus: u8) -> usize {
     mem::size_of::<mpf_intel>() + mem::size_of::<mpc_table>() +
     mem::size_of::<mpc_cpu>() * (num_cpus as usize) + mem::size_of::<mpc_ioapic>() +
-    mem::size_of::<mpc_bus>() + mem::size_of::<mpc_intsrc>() + mem::size_of::<mpc_lintsrc>() * 2
+    mem::size_of::<mpc_bus>() + mem::size_of::<mpc_intsrc>() +
+    mem::size_of::<mpc_intsrc>() * 16 +
+    mem::size_of::<mpc_lintsrc>() * 2
 }
 
 /// Performs setup of the MP table for the given `num_cpus`.
@@ -89,7 +91,7 @@ pub fn setup_mptable(mem: &GuestMemory, num_cpus: u8) -> Result<()> {
 
     // The checked_add here ensures the all of the following base_mp.unchecked_add's will be without
     // overflow.
-    if let Some(end_mp) = base_mp.checked_add(mp_size) {
+    if let Some(end_mp) = base_mp.checked_add(mp_size - 1) {
         if !mem.address_in_range(end_mp) {
             return Err(Error::NotEnoughMemory);
         }
@@ -264,16 +266,26 @@ mod tests {
 
     #[test]
     fn bounds_check() {
-        let mem = GuestMemory::new(&[(GuestAddress(0), 0xff)]).unwrap();
+        let num_cpus = 4;
+        let mem = GuestMemory::new(&[(GuestAddress(0), compute_mp_size(num_cpus))]).unwrap();
 
-        setup_mptable(&mem, 4).unwrap();
+        setup_mptable(&mem, num_cpus).unwrap();
+    }
+
+    #[test]
+    fn bounds_check_fails() {
+        let num_cpus = 4;
+        let mem = GuestMemory::new(&[(GuestAddress(0), compute_mp_size(num_cpus) - 1)]).unwrap();
+
+        assert!(setup_mptable(&mem, num_cpus).is_err());
     }
 
     #[test]
     fn mpf_intel_checksum() {
-        let mem = GuestMemory::new(&[(GuestAddress(0), 0xff)]).unwrap();
+        let num_cpus = 1;
+        let mem = GuestMemory::new(&[(GuestAddress(0), compute_mp_size(num_cpus))]).unwrap();
 
-        setup_mptable(&mem, 1).unwrap();
+        setup_mptable(&mem, num_cpus).unwrap();
 
         let mpf_intel = mem.read_obj_from_addr(GuestAddress(0)).unwrap();
 
@@ -282,9 +294,10 @@ mod tests {
 
     #[test]
     fn mpc_table_checksum() {
-        let mem = GuestMemory::new(&[(GuestAddress(0), 0xff)]).unwrap();
+        let num_cpus = 4;
+        let mem = GuestMemory::new(&[(GuestAddress(0), compute_mp_size(num_cpus))]).unwrap();
 
-        setup_mptable(&mem, 4).unwrap();
+        setup_mptable(&mem, num_cpus).unwrap();
 
         let mpf_intel: mpf_intel = mem.read_obj_from_addr(GuestAddress(0)).unwrap();
         let mpc_offset = GuestAddress(mpf_intel.physptr as usize);