public inbox for kvm@vger.kernel.org
From: Dan Carpenter <dan.carpenter@oracle.com>
To: Alexander Graf <graf@amazon.com>
Cc: kbuild@lists.01.org, Aaron Lewis <aaronlewis@google.com>,
	jmattson@google.com, lkp@intel.com, kbuild-all@lists.01.org,
	pshier@google.com, oupton@google.com, kvm@vger.kernel.org,
	KarimAllah Ahmed <karahmed@amazon.de>
Subject: Re: [PATCH v3 02/12] KVM: x86: Introduce allow list for MSR emulation
Date: Wed, 2 Sep 2020 10:31:48 +0300
Message-ID: <20200902073147.GI8321@kadam>
In-Reply-To: <79dd5f72-a332-a657-674d-f3a9c94146f1@amazon.com>

On Tue, Sep 01, 2020 at 09:13:10PM +0200, Alexander Graf wrote:
> 
> 
> On 31.08.20 12:39, Dan Carpenter wrote:
> > 
> > Hi Aaron,
> > 
> > url:    https://github.com/0day-ci/linux/commits/Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > base:   https://git.kernel.org/pub/scm/virt/kvm/kvm.git  linux-next
> > config: x86_64-randconfig-m001-20200827 (attached as .config)
> > compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
> > 
> > If you fix the issue, kindly add following tag as appropriate
> > Reported-by: kernel test robot <lkp@intel.com>
> > Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
> 
> Thanks a bunch for looking at this! I'd squash in the change with the actual
> patch as it's tiny, so I'm not sure how attribution would work in that case.

Yep.  No problem.  These are just a template that gets sent to everyone.

> 
> > 
> > smatch warnings:
> > arch/x86/kvm/x86.c:5248 kvm_vm_ioctl_add_msr_allowlist() error: 'bitmap' dereferencing possible ERR_PTR()
> > 
> > # https://github.com/0day-ci/linux/commit/107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > git remote add linux-review https://github.com/0day-ci/linux
> > git fetch --no-tags linux-review Aaron-Lewis/Allow-userspace-to-manage-MSRs/20200819-051903
> > git checkout 107c87325cf461b7b1bd07bb6ddbaf808a8d8a2a
> > vim +/bitmap +5248 arch/x86/kvm/x86.c
> > 
> > 107c87325cf461 Aaron Lewis 2020-08-18  5181  static int kvm_vm_ioctl_add_msr_allowlist(struct kvm *kvm, void __user *argp)
> > 107c87325cf461 Aaron Lewis 2020-08-18  5182  {
> > 107c87325cf461 Aaron Lewis 2020-08-18  5183     struct msr_bitmap_range *ranges = kvm->arch.msr_allowlist_ranges;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5184     struct kvm_msr_allowlist __user *user_msr_allowlist = argp;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5185     struct msr_bitmap_range range;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5186     struct kvm_msr_allowlist kernel_msr_allowlist;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5187     unsigned long *bitmap = NULL;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5188     size_t bitmap_size;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5189     int r = 0;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5190
> > 107c87325cf461 Aaron Lewis 2020-08-18  5191     if (copy_from_user(&kernel_msr_allowlist, user_msr_allowlist,
> > 107c87325cf461 Aaron Lewis 2020-08-18  5192                        sizeof(kernel_msr_allowlist))) {
> > 107c87325cf461 Aaron Lewis 2020-08-18  5193             r = -EFAULT;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5194             goto out;
> > 107c87325cf461 Aaron Lewis 2020-08-18  5195     }
> > 107c87325cf461 Aaron Lewis 2020-08-18  5196
> > 107c87325cf461 Aaron Lewis 2020-08-18  5197     bitmap_size = BITS_TO_LONGS(kernel_msr_allowlist.nmsrs) * sizeof(long);
> >                                                                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > On 32 bit systems the BITS_TO_LONGS() can integer overflow if
> > kernel_msr_allowlist.nmsrs is larger than ULONG_MAX - bits_per_long.  In
> > that case bitmap_size is zero.
> 
> Nice catch! It should be enough to ...
> 
> > 
> > 107c87325cf461 Aaron Lewis 2020-08-18  5198     if (bitmap_size > KVM_MSR_ALLOWLIST_MAX_LEN) {
> 
> ... add a check for !bitmap_size here as well then, right?

Yup.

regards,
dan carpenter
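
The size computation and the two checks discussed in this thread, as an added example that is not part of the original message or of the KVM patch. It models 32-bit unsigned long arithmetic with uint32_t; the helper names and the EXAMPLE_MAX_LEN value are assumptions made for the example, since the thread does not give the value of KVM_MSR_ALLOWLIST_MAX_LEN.

```c
#include <stdint.h>
#include <stdio.h>

/* Models a 32-bit kernel, where unsigned long and size_t are 32 bits wide. */
#define BITS_PER_LONG32 32u
#define SIZEOF_LONG32   4u

/* Assumed limit for this example only; the thread does not give the value. */
#define EXAMPLE_MAX_LEN 0x600u

/* Round-up division in 32-bit arithmetic, as BITS_TO_LONGS() does there. */
static uint32_t bits_to_longs32(uint32_t nbits)
{
	return (nbits + BITS_PER_LONG32 - 1u) / BITS_PER_LONG32;
}

static uint32_t bitmap_size32(uint32_t nmsrs)
{
	return bits_to_longs32(nmsrs) * SIZEOF_LONG32;
}

/* Upper-bound check only, as at the quoted line 5198. Returns 1 if accepted. */
static int accepts_original(uint32_t nmsrs)
{
	return !(bitmap_size32(nmsrs) > EXAMPLE_MAX_LEN);
}

/* With the extra !bitmap_size test agreed on in the thread. */
static int accepts_fixed(uint32_t nmsrs)
{
	uint32_t size = bitmap_size32(nmsrs);

	return size && size <= EXAMPLE_MAX_LEN;
}

int main(void)
{
	/* Constructed inputs: sane, oversized, and two that wrap to zero. */
	const uint32_t samples[] = { 64u, 0x10000u, UINT32_MAX - 30u, UINT32_MAX };

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("nmsrs=%#x size=%u original=%d fixed=%d\n",
		       (unsigned)samples[i], (unsigned)bitmap_size32(samples[i]),
		       accepts_original(samples[i]), accepts_fixed(samples[i]));
	return 0;
}
```
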

