On 02/11/2024 5:25 pm, Daniel P. Smith wrote:
> @@ -1301,16 +1302,25 @@ static void __hwdom_init pvh_setup_mmcfg(struct
> domain *d)
> }
> }
>
> -int __init dom0_construct_pvh(struct domain *d, const module_t *image,
> - unsigned long image_headroom,
> - module_t *initrd,
> - const char *cmdline)
> +int __init dom0_construct_pvh(struct boot_info *bi, struct domain *d)
> {
> paddr_t entry, start_info;
> + struct boot_module *image;
> + struct boot_module *initrd = NULL;
> int rc;
>
> printk(XENLOG_INFO "*** Building a PVH Dom%d ***\n", d->domain_id);
>
> + rc = first_boot_module_index(bi, BOOTMOD_KERNEL);
> + if ( unlikely(rc < 0 || rc > bi->nr_modules) )
> + panic("Missing kernel boot module for %pd construction\n", d);
Just noticed while experimenting. The upper bound (for the error case)
should be >= because nothing good can come of being handed the Xen module.
> +
> + image = &bi->mods[rc];
> +
> + rc = first_boot_module_index(bi, BOOTMOD_RAMDISK);
> + if ( rc > 0 || rc < bi->nr_modules )
> + initrd = &bi->mods[rc];
This range check is tautologically true. You want && instead of ||.
Same elsewhere, although this goes away when the variable is unsigned
(and we remove assumptions about the dom0 kernel's index).
~Andrew
