arm: Fix off-by-one in gic_probe_cpu_id

We support up to 8 CPUs, not 9. Avoid future overflows by using the
actual size of target_cpu_map as limit.

This addresses Coverity finding CID 21114.

Adjust comment wordings at this chance as well.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>

diff --git a/hypervisor/arch/arm/gic-common.c b/hypervisor/arch/arm/gic-common.c
index 6fc1d27a7df3300529f5c8121b6b907f7f8fd0fc..f9cb098d22fba8d67c3d498602b0ca6af0ec46e5 100644 (file)
--- a/hypervisor/arch/arm/gic-common.c
+++ b/hypervisor/arch/arm/gic-common.c
@@ -243,14 +243,14 @@ static int handle_sgir_access(struct per_cpu *cpu_data,
  * Get the CPU interface ID for this cpu. It can be discovered by reading
  * the banked value of the PPI and IPI TARGET registers
  * Patch 2bb3135 in Linux explains why the probe may need to scans the first 8
- * registers: some early implementation returned 0 for the first TARGETS
- * registributor.
+ * registers: some early implementation returned 0 for the first ITARGETSR
+ * registers.
  * Since those didn't have virtualization extensions, we can safely ignore that
  * case.
  */
 int gic_probe_cpu_id(unsigned int cpu)
 {
-       if (cpu > 8)
+       if (cpu >= ARRAY_SIZE(target_cpu_map))
                return -EINVAL;
 
        target_cpu_map[cpu] = mmio_read32(gicd_base + GICD_ITARGETSR);