From 171d12943ded7abc13f09ced387efd95136ab260 Mon Sep 17 00:00:00 2001
From: Rob Bradford <robert.bradford@intel.com>
Date: Fri, 10 Sep 2021 10:41:38 +0100
Subject: [PATCH] vmm: memory_manager: Increase robustness of MemoryManager
 control device

See: #1289

Signed-off-by: Rob Bradford <robert.bradford@intel.com>
---
 vmm/src/memory_manager.rs | 32 +++++++++++++++++++-------------
 1 file changed, 19 insertions(+), 13 deletions(-)

diff --git a/vmm/src/memory_manager.rs b/vmm/src/memory_manager.rs
index 2bfbd0507..257d0274d 100644
--- a/vmm/src/memory_manager.rs
+++ b/vmm/src/memory_manager.rs
@@ -315,7 +315,7 @@ impl BusDevice for MemoryManager {
                 }
                 STATUS_OFFSET => {
                     // The Linux kernel, quite reasonably, doesn't zero the memory it gives us.
-                    data.copy_from_slice(&[0; 8][0..data.len()]);
+                    data.fill(0);
                     if state.active {
                         data[0] |= 1 << ENABLE_FLAG;
                     }
@@ -333,6 +333,8 @@ impl BusDevice for MemoryManager {
                     );
                 }
             }
+        } else {
+            warn!("Out of range memory slot: {}", self.selected_slot);
         }
     }
 
@@ -342,18 +344,22 @@ impl BusDevice for MemoryManager {
                 self.selected_slot = usize::from(data[0]);
             }
             STATUS_OFFSET => {
-                let state = &mut self.hotplug_slots[self.selected_slot];
-                // The ACPI code writes back a 1 to acknowledge the insertion
-                if (data[0] & (1 << INSERTING_FLAG) == 1 << INSERTING_FLAG) && state.inserting {
-                    state.inserting = false;
-                }
-                // Ditto for removal
-                if (data[0] & (1 << REMOVING_FLAG) == 1 << REMOVING_FLAG) && state.removing {
-                    state.removing = false;
-                }
-                // Trigger removal of "DIMM"
-                if data[0] & (1 << EJECT_FLAG) == 1 << EJECT_FLAG {
-                    warn!("Ejection of memory not currently supported");
+                if self.selected_slot < self.hotplug_slots.len() {
+                    let state = &mut self.hotplug_slots[self.selected_slot];
+                    // The ACPI code writes back a 1 to acknowledge the insertion
+                    if (data[0] & (1 << INSERTING_FLAG) == 1 << INSERTING_FLAG) && state.inserting {
+                        state.inserting = false;
+                    }
+                    // Ditto for removal
+                    if (data[0] & (1 << REMOVING_FLAG) == 1 << REMOVING_FLAG) && state.removing {
+                        state.removing = false;
+                    }
+                    // Trigger removal of "DIMM"
+                    if data[0] & (1 << EJECT_FLAG) == 1 << EJECT_FLAG {
+                        warn!("Ejection of memory not currently supported");
+                    }
+                } else {
+                    warn!("Out of range memory slot: {}", self.selected_slot);
                 }
             }
             _ => {