diff options
author | Daniel Verkamp <dverkamp@chromium.org> | 2019-11-26 13:16:35 -0800 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2019-12-06 09:37:52 +0000 |
commit | 6a8470679503482a9cc794ec55c984f5564cf9f6 (patch) | |
tree | 983382d0ee0235d87fc436dbb82d39bb770774c1 /src/linux.rs | |
parent | bbc866e7deea7193c3ed1becbe9c5e617ca79df4 (diff) | |
download | crosvm-6a8470679503482a9cc794ec55c984f5564cf9f6.tar crosvm-6a8470679503482a9cc794ec55c984f5564cf9f6.tar.gz crosvm-6a8470679503482a9cc794ec55c984f5564cf9f6.tar.bz2 crosvm-6a8470679503482a9cc794ec55c984f5564cf9f6.tar.lz crosvm-6a8470679503482a9cc794ec55c984f5564cf9f6.tar.xz crosvm-6a8470679503482a9cc794ec55c984f5564cf9f6.tar.zst crosvm-6a8470679503482a9cc794ec55c984f5564cf9f6.zip |
linux: check memory size calculation overflow
On systems where usize is 32 bits wide (e.g. 32-bit arm), the calculation of memory_size in bytes based on the -m configuration option in megabytes would silently overflow when the resulting value was wider than 32 bits. Change the shift that converts megabytes to bytes into a checked_mul so that a suitable error is produced if the size overflows. Additionally, change the cfg.memory type to u64 instead of usize; this is representing a size in megabytes, so its maximum value isn't related to the size of an object in memory anyway, and this avoids the need for a cast in the memory_size calculation. Requesting a memory size larger than the crosvm process can map will still result in an error at a later stage in guest startup. BUG=chromium:1028747 TEST=`crosvm run -m $((5 * 1024)) ...` on kevin Change-Id: I8fef7070bab4dafff70ed54738b26d0bb7632150 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1937551 Reviewed-by: Stephen Barber <smbarber@chromium.org> Tested-by: kokoro <noreply+kokoro@google.com> Commit-Queue: Daniel Verkamp <dverkamp@chromium.org>
Diffstat (limited to 'src/linux.rs')
-rw-r--r-- | src/linux.rs | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/linux.rs b/src/linux.rs index 7257520..1c606b9 100644 --- a/src/linux.rs +++ b/src/linux.rs @@ -110,6 +110,7 @@ pub enum Error { InvalidWaylandPath, IoJail(io_jail::Error), LoadKernel(Box<dyn StdError>), + MemoryTooLarge, NetDeviceNew(virtio::NetError), OpenAndroidFstab(PathBuf, io::Error), OpenBios(PathBuf, io::Error), @@ -196,6 +197,7 @@ impl Display for Error { InvalidWaylandPath => write!(f, "wayland socket path has no parent or file name"), IoJail(e) => write!(f, "{}", e), LoadKernel(e) => write!(f, "failed to load kernel: {}", e), + MemoryTooLarge => write!(f, "requested memory size too large"), NetDeviceNew(e) => write!(f, "failed to set up virtio networking: {}", e), OpenAndroidFstab(p, e) => write!( f, @@ -1404,7 +1406,11 @@ pub fn run_config(cfg: Config) -> Result<()> { }; let components = VmComponents { - memory_size: (cfg.memory.unwrap_or(256) << 20) as u64, + memory_size: cfg + .memory + .unwrap_or(256) + .checked_mul(1024 * 1024) + .ok_or(Error::MemoryTooLarge)?, vcpu_count: cfg.vcpu_count.unwrap_or(1), vcpu_affinity: cfg.vcpu_affinity.clone(), vm_image, |