From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@lists.01.org
Subject: Re: [PATCH v3 02/12] KVM: x86: Introduce allow list for MSR emulation
Date: Wed, 02 Sep 2020 10:31:48 +0300 [thread overview]
Message-ID: <20200902073147.GI8321@kadam> (raw)
In-Reply-To: <79dd5f72-a332-a657-674d-f3a9c94146f1@amazon.com>
[-- Attachment #1: Type: text/plain, Size: 3387 bytes --]
On Tue, Sep 01, 2020 at 09:13:10PM +0200, Alexander Graf wrote:
>
>
> On 31.08.20 12:39, Dan Carpenter wrote:
> >
> > Hi Aaron,
> >
> > url: https://github.com/0day-ci/linux/commits/Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > base: https://git.kernel.org/pub/scm/virt/kvm/kvm.git linux-next
> > config: x86_64-randconfig-m001-20200827 (attached as .config)
> > compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
> >
> > If you fix the issue, kindly add following tag as appropriate
> > Reported-by: kernel test robot <lkp@intel.com>
> > Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> Thanks a bunch for looking at this! I'd squash in the change with the actual
> patch as it's tiny, so I'm not sure how attribution would work in that case.
Yep. No problem. These are just a template that gets sent to everyone.
>
> >
> > smatch warnings:
> > arch/x86/kvm/x86.c:5248 kvm_vm_ioctl_add_msr_allowlist() error: 'bitmap' dereferencing possible ERR_PTR()
> >
> > # https://github.com/0day-ci/linux/commit/107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > git remote add linux-review https://github.com/0day-ci/linux git fetch
> > --no-tags linux-review
> > Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > git checkout 107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > vim +/bitmap +5248 arch/x86/kvm/x86.c
> >
> > 107c87325cf461 Aaron Lewis 2020-08-18 5181 static int kvm_vm_ioctl_add_msr_allowlist(struct kvm *kvm, void __user *argp)
> > 107c87325cf461 Aaron Lewis 2020-08-18 5182 {
> > 107c87325cf461 Aaron Lewis 2020-08-18 5183 struct msr_bitmap_range *ranges = kvm->arch.msr_allowlist_ranges;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5184 struct kvm_msr_allowlist __user *user_msr_allowlist = argp;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5185 struct msr_bitmap_range range;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5186 struct kvm_msr_allowlist kernel_msr_allowlist;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5187 unsigned long *bitmap = NULL;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5188 size_t bitmap_size;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5189 int r = 0;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5190
> > 107c87325cf461 Aaron Lewis 2020-08-18 5191 if (copy_from_user(&kernel_msr_allowlist, user_msr_allowlist,
> > 107c87325cf461 Aaron Lewis 2020-08-18 5192 sizeof(kernel_msr_allowlist))) {
> > 107c87325cf461 Aaron Lewis 2020-08-18 5193 r = -EFAULT;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5194 goto out;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5195 }
> > 107c87325cf461 Aaron Lewis 2020-08-18 5196
> > 107c87325cf461 Aaron Lewis 2020-08-18 5197 bitmap_size = BITS_TO_LONGS(kernel_msr_allowlist.nmsrs) * sizeof(long);
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^n
> > On 32 bit systems the BITS_TO_LONGS() can integer overflow if
> > kernel_msr_allowlist.nmsrs is larger than ULONG_MAX - bits_per_long. In
> > that case bitmap_size is zero.
>
> Nice catch! It should be enough to ...
>
> >
> > 107c87325cf461 Aaron Lewis 2020-08-18 5198 if (bitmap_size > KVM_MSR_ALLOWLIST_MAX_LEN) {
>
> ... add a check for !bitmap_size here as well then, right?
Yup.
regards,
dan carpenter
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: Alexander Graf <graf@amazon.com>
Cc: kbuild@lists.01.org, Aaron Lewis <aaronlewis@google.com>,
jmattson@google.com, lkp@intel.com, kbuild-all@lists.01.org,
pshier@google.com, oupton@google.com, kvm@vger.kernel.org,
KarimAllah Ahmed <karahmed@amazon.de>
Subject: Re: [PATCH v3 02/12] KVM: x86: Introduce allow list for MSR emulation
Date: Wed, 2 Sep 2020 10:31:48 +0300 [thread overview]
Message-ID: <20200902073147.GI8321@kadam> (raw)
In-Reply-To: <79dd5f72-a332-a657-674d-f3a9c94146f1@amazon.com>
On Tue, Sep 01, 2020 at 09:13:10PM +0200, Alexander Graf wrote:
>
>
> On 31.08.20 12:39, Dan Carpenter wrote:
> >
> > Hi Aaron,
> >
> > url: https://github.com/0day-ci/linux/commits/Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > base: https://git.kernel.org/pub/scm/virt/kvm/kvm.git linux-next
> > config: x86_64-randconfig-m001-20200827 (attached as .config)
> > compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
> >
> > If you fix the issue, kindly add following tag as appropriate
> > Reported-by: kernel test robot <lkp@intel.com>
> > Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> Thanks a bunch for looking at this! I'd squash in the change with the actual
> patch as it's tiny, so I'm not sure how attribution would work in that case.
Yep. No problem. These are just a template that gets sent to everyone.
>
> >
> > smatch warnings:
> > arch/x86/kvm/x86.c:5248 kvm_vm_ioctl_add_msr_allowlist() error: 'bitmap' dereferencing possible ERR_PTR()
> >
> > # https://github.com/0day-ci/linux/commit/107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > git remote add linux-review https://github.com/0day-ci/linux git fetch
> > --no-tags linux-review
> > Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > git checkout 107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > vim +/bitmap +5248 arch/x86/kvm/x86.c
> >
> > 107c87325cf461 Aaron Lewis 2020-08-18 5181 static int kvm_vm_ioctl_add_msr_allowlist(struct kvm *kvm, void __user *argp)
> > 107c87325cf461 Aaron Lewis 2020-08-18 5182 {
> > 107c87325cf461 Aaron Lewis 2020-08-18 5183 struct msr_bitmap_range *ranges = kvm->arch.msr_allowlist_ranges;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5184 struct kvm_msr_allowlist __user *user_msr_allowlist = argp;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5185 struct msr_bitmap_range range;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5186 struct kvm_msr_allowlist kernel_msr_allowlist;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5187 unsigned long *bitmap = NULL;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5188 size_t bitmap_size;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5189 int r = 0;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5190
> > 107c87325cf461 Aaron Lewis 2020-08-18 5191 if (copy_from_user(&kernel_msr_allowlist, user_msr_allowlist,
> > 107c87325cf461 Aaron Lewis 2020-08-18 5192 sizeof(kernel_msr_allowlist))) {
> > 107c87325cf461 Aaron Lewis 2020-08-18 5193 r = -EFAULT;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5194 goto out;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5195 }
> > 107c87325cf461 Aaron Lewis 2020-08-18 5196
> > 107c87325cf461 Aaron Lewis 2020-08-18 5197 bitmap_size = BITS_TO_LONGS(kernel_msr_allowlist.nmsrs) * sizeof(long);
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^n
> > On 32 bit systems the BITS_TO_LONGS() can integer overflow if
> > kernel_msr_allowlist.nmsrs is larger than ULONG_MAX - bits_per_long. In
> > that case bitmap_size is zero.
>
> Nice catch! It should be enough to ...
>
> >
> > 107c87325cf461 Aaron Lewis 2020-08-18 5198 if (bitmap_size > KVM_MSR_ALLOWLIST_MAX_LEN) {
>
> ... add a check for !bitmap_size here as well then, right?
Yup.
regards,
dan carpenter
WARNING: multiple messages have this Message-ID (diff)
From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild-all@lists.01.org
Subject: Re: [PATCH v3 02/12] KVM: x86: Introduce allow list for MSR emulation
Date: Wed, 02 Sep 2020 10:31:48 +0300 [thread overview]
Message-ID: <20200902073147.GI8321@kadam> (raw)
In-Reply-To: <79dd5f72-a332-a657-674d-f3a9c94146f1@amazon.com>
[-- Attachment #1: Type: text/plain, Size: 3387 bytes --]
On Tue, Sep 01, 2020 at 09:13:10PM +0200, Alexander Graf wrote:
>
>
> On 31.08.20 12:39, Dan Carpenter wrote:
> >
> > Hi Aaron,
> >
> > url: https://github.com/0day-ci/linux/commits/Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > base: https://git.kernel.org/pub/scm/virt/kvm/kvm.git linux-next
> > config: x86_64-randconfig-m001-20200827 (attached as .config)
> > compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
> >
> > If you fix the issue, kindly add following tag as appropriate
> > Reported-by: kernel test robot <lkp@intel.com>
> > Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> Thanks a bunch for looking at this! I'd squash in the change with the actual
> patch as it's tiny, so I'm not sure how attribution would work in that case.
Yep. No problem. These are just a template that gets sent to everyone.
>
> >
> > smatch warnings:
> > arch/x86/kvm/x86.c:5248 kvm_vm_ioctl_add_msr_allowlist() error: 'bitmap' dereferencing possible ERR_PTR()
> >
> > # https://github.com/0day-ci/linux/commit/107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > git remote add linux-review https://github.com/0day-ci/linux git fetch
> > --no-tags linux-review
> > Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > git checkout 107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > vim +/bitmap +5248 arch/x86/kvm/x86.c
> >
> > 107c87325cf461 Aaron Lewis 2020-08-18 5181 static int kvm_vm_ioctl_add_msr_allowlist(struct kvm *kvm, void __user *argp)
> > 107c87325cf461 Aaron Lewis 2020-08-18 5182 {
> > 107c87325cf461 Aaron Lewis 2020-08-18 5183 struct msr_bitmap_range *ranges = kvm->arch.msr_allowlist_ranges;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5184 struct kvm_msr_allowlist __user *user_msr_allowlist = argp;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5185 struct msr_bitmap_range range;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5186 struct kvm_msr_allowlist kernel_msr_allowlist;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5187 unsigned long *bitmap = NULL;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5188 size_t bitmap_size;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5189 int r = 0;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5190
> > 107c87325cf461 Aaron Lewis 2020-08-18 5191 if (copy_from_user(&kernel_msr_allowlist, user_msr_allowlist,
> > 107c87325cf461 Aaron Lewis 2020-08-18 5192 sizeof(kernel_msr_allowlist))) {
> > 107c87325cf461 Aaron Lewis 2020-08-18 5193 r = -EFAULT;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5194 goto out;
> > 107c87325cf461 Aaron Lewis 2020-08-18 5195 }
> > 107c87325cf461 Aaron Lewis 2020-08-18 5196
> > 107c87325cf461 Aaron Lewis 2020-08-18 5197 bitmap_size = BITS_TO_LONGS(kernel_msr_allowlist.nmsrs) * sizeof(long);
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^n
> > On 32 bit systems the BITS_TO_LONGS() can integer overflow if
> > kernel_msr_allowlist.nmsrs is larger than ULONG_MAX - bits_per_long. In
> > that case bitmap_size is zero.
>
> Nice catch! It should be enough to ...
>
> >
> > 107c87325cf461 Aaron Lewis 2020-08-18 5198 if (bitmap_size > KVM_MSR_ALLOWLIST_MAX_LEN) {
>
> ... add a check for !bitmap_size here as well then, right?
Yup.
regards,
dan carpenter
next prev parent reply other threads:[~2020-09-02 7:31 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-18 21:15 [PATCH v3 00/12] Allow userspace to manage MSRs Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 01/12] KVM: x86: Deflect unknown MSR accesses to user space Aaron Lewis
2020-08-19 8:42 ` Alexander Graf
2020-08-18 21:15 ` [PATCH v3 02/12] KVM: x86: Introduce allow list for MSR emulation Aaron Lewis
2020-08-19 8:53 ` Alexander Graf
2020-08-31 10:39 ` Dan Carpenter
2020-08-31 10:39 ` Dan Carpenter
2020-08-31 10:39 ` Dan Carpenter
2020-09-01 19:13 ` Alexander Graf
2020-09-02 7:31 ` Dan Carpenter [this message]
2020-09-02 7:31 ` Dan Carpenter
2020-09-02 7:31 ` Dan Carpenter
2020-08-18 21:15 ` [PATCH v3 03/12] KVM: selftests: Add test for user space MSR handling Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 04/12] KVM: x86: Add ioctl for accepting a userspace provided MSR list Aaron Lewis
2020-08-19 9:00 ` Alexander Graf
2020-08-20 17:30 ` Jim Mattson
2020-08-20 21:49 ` Alexander Graf
2020-08-20 22:28 ` Jim Mattson
2020-08-18 21:15 ` [PATCH v3 05/12] KVM: x86: Add support for exiting to userspace on rdmsr or wrmsr Aaron Lewis
2020-08-19 10:25 ` Alexander Graf
2020-08-20 18:17 ` Jim Mattson
2020-08-20 21:59 ` Alexander Graf
2020-08-20 22:55 ` Jim Mattson
2020-08-21 17:58 ` Jim Mattson
2020-08-24 1:35 ` Alexander Graf
2020-08-24 17:23 ` Jim Mattson
2020-08-24 18:09 ` Alexander Graf
2020-08-24 18:34 ` Jim Mattson
2020-08-18 21:15 ` [PATCH v3 06/12] KVM: x86: Prepare MSR bitmaps for userspace tracked MSRs Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 07/12] KVM: x86: Ensure the MSR bitmap never clears " Aaron Lewis
2020-08-19 1:12 ` kernel test robot
2020-08-19 1:12 ` kernel test robot
2020-08-19 1:12 ` [RFC PATCH] KVM: x86: vmx_set_user_msr_intercept() can be static kernel test robot
2020-08-19 1:12 ` kernel test robot
2020-08-19 15:26 ` [PATCH v3 07/12] KVM: x86: Ensure the MSR bitmap never clears userspace tracked MSRs Alexander Graf
2020-08-20 0:18 ` Aaron Lewis
2020-08-20 22:04 ` Alexander Graf
2020-08-20 22:35 ` Jim Mattson
2020-08-21 14:27 ` Aaron Lewis
2020-08-21 16:07 ` Alexander Graf
2020-08-21 16:43 ` Aaron Lewis
2020-08-26 15:48 ` kernel test robot
2020-08-26 15:48 ` kernel test robot
2020-08-18 21:15 ` [PATCH v3 08/12] selftests: kvm: Fix the segment descriptor layout to match the actual layout Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 09/12] selftests: kvm: Clear uc so UCALL_NONE is being properly reported Aaron Lewis
2020-08-19 9:13 ` Andrew Jones
2020-08-18 21:15 ` [PATCH v3 10/12] selftests: kvm: Add exception handling to selftests Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 11/12] selftests: kvm: Add a test to exercise the userspace MSR list Aaron Lewis
2020-08-18 21:15 ` [PATCH v3 12/12] selftests: kvm: Add emulated rdmsr, wrmsr tests Aaron Lewis
-- strict thread matches above, loose matches on Subject: below --
2020-08-27 14:06 [PATCH v3 02/12] KVM: x86: Introduce allow list for MSR emulation kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200902073147.GI8321@kadam \
--to=dan.carpenter@oracle.com \
--cc=kbuild@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.