hv: fix some potential array overflow risk

'pcpu_id' should be less than CONFIG_MAX_PCPU_NUM,
else 'per_cpu_data' will overflow. This commit fixes
this potential overflow issue.

Tracked-On: #3397
Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>

hypervisor/arch/x86/guest/assign.c

@@ -66,7 +66,7 @@ static uint32_t calculate_logical_dest_mask(uint64_t pdmask)
 	uint16_t pcpu_id;
 
 	pcpu_id = ffs64(pcpu_mask);
-	while (pcpu_id != INVALID_BIT_INDEX) {
+	while (pcpu_id < CONFIG_MAX_PCPU_NUM) {
 		bitmap_clear_nolock(pcpu_id, &pcpu_mask);
 		dest_mask |= per_cpu(lapic_ldr, pcpu_id);
 		pcpu_id = ffs64(pcpu_mask);

hypervisor/arch/x86/lapic.c

@@ -240,7 +240,7 @@ void send_dest_ipi_mask(uint32_t dest_mask, uint32_t vector)
 
 	pcpu_id = ffs64(mask);
 
-	while (pcpu_id != INVALID_BIT_INDEX) {
+	while (pcpu_id < CONFIG_MAX_PCPU_NUM) {
 		bitmap32_clear_nolock(pcpu_id, &mask);
 		if (is_pcpu_active(pcpu_id)) {
 			icr.value_32.hi_32 = per_cpu(lapic_id, pcpu_id);

hypervisor/arch/x86/notify.c

@@ -44,7 +44,7 @@ void smp_call_function(uint64_t mask, smp_call_func_t func, void *data)
 	/* wait for previous smp call complete, which may run on other cpus */
 	while (atomic_cmpxchg64(&smp_call_mask, 0UL, mask & INVALID_BIT_INDEX) != 0UL);
 	pcpu_id = ffs64(mask);
-	while (pcpu_id != INVALID_BIT_INDEX) {
+	while (pcpu_id < CONFIG_MAX_PCPU_NUM) {
 		bitmap_clear_nolock(pcpu_id, &mask);
 		if (is_pcpu_active(pcpu_id)) {
 			smp_call = &per_cpu(smp_call_info, pcpu_id);