authorDaniel Verkamp <dverkamp@chromium.org>2019-11-26 13:16:35 -0800
committerCommit Bot <commit-bot@chromium.org>2019-12-06 09:37:52 +0000
commit6a8470679503482a9cc794ec55c984f5564cf9f6 (patch)
tree983382d0ee0235d87fc436dbb82d39bb770774c1 /src/linux.rs
parentbbc866e7deea7193c3ed1becbe9c5e617ca79df4 (diff)
linux: check memory size calculation overflow
On systems where usize is 32 bits wide (e.g. 32-bit arm), the
calculation of memory_size in bytes based on the -m configuration option
in megabytes would silently overflow when the resulting value was wider
than 32 bits.

Change the shift that converts megabytes to bytes into a checked_mul so
that a suitable error is produced if the size overflows.

Additionally, change the cfg.memory type to u64 instead of usize; this
is representing a size in megabytes, so its maximum value isn't related
to the size of an object in memory anyway, and this avoids the need for
a cast in the memory_size calculation.  Requesting a memory size larger
than the crosvm process can map will still result in an error at a later
stage in guest startup.

BUG=chromium:1028747
TEST=`crosvm run -m $((5 * 1024)) ...` on kevin

Change-Id: I8fef7070bab4dafff70ed54738b26d0bb7632150
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1937551
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: kokoro <noreply+kokoro@google.com>
Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Diffstat (limited to 'src/linux.rs')
-rw-r--r--src/linux.rs8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/linux.rs b/src/linux.rs
index 7257520..1c606b9 100644
--- a/src/linux.rs
+++ b/src/linux.rs
@@ -110,6 +110,7 @@ pub enum Error {
     InvalidWaylandPath,
     IoJail(io_jail::Error),
     LoadKernel(Box<dyn StdError>),
+    MemoryTooLarge,
     NetDeviceNew(virtio::NetError),
     OpenAndroidFstab(PathBuf, io::Error),
     OpenBios(PathBuf, io::Error),
@@ -196,6 +197,7 @@ impl Display for Error {
             InvalidWaylandPath => write!(f, "wayland socket path has no parent or file name"),
             IoJail(e) => write!(f, "{}", e),
             LoadKernel(e) => write!(f, "failed to load kernel: {}", e),
+            MemoryTooLarge => write!(f, "requested memory size too large"),
             NetDeviceNew(e) => write!(f, "failed to set up virtio networking: {}", e),
             OpenAndroidFstab(p, e) => write!(
                 f,
@@ -1404,7 +1406,11 @@ pub fn run_config(cfg: Config) -> Result<()> {
     };
 
     let components = VmComponents {
-        memory_size: (cfg.memory.unwrap_or(256) << 20) as u64,
+        memory_size: cfg
+            .memory
+            .unwrap_or(256)
+            .checked_mul(1024 * 1024)
+            .ok_or(Error::MemoryTooLarge)?,
         vcpu_count: cfg.vcpu_count.unwrap_or(1),
         vcpu_affinity: cfg.vcpu_affinity.clone(),
         vm_image,
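Review bot: With `cfg.memory` now a u64, the `checked_mul(1024 * 1024)` in the `VmComponents` initializer only fails once the MiB count no longer fits in 64 bits, so on a 32-bit host a request like the 5 GiB test value passes this check and has to be rejected further along in startup. It is worth confirming that no later consumer of `memory_size` narrows it with an `as usize` cast, since that would bring back the silent truncation this change removes; those call sites are not visible in this hunk. A short comment at the field would help the next reader: `// cfg.memory is in MiB; checked_mul guards u64 overflow only, host mapping limits are enforced later`. The body of run_config starts and ends outside the hunk.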