public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed
* [kvm:kvm-mbec 23/42] arch/x86/kvm/mmu/mmu.c:5596:82: sparse: sparse: cast truncates bits from constant value (ffff5555 becomes 5555)
@ 2026-05-02 20:25 kernel test robot
  0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2026-05-02 20:25 UTC (permalink / raw)
  To: Paolo Bonzini; +Cc: oe-kbuild-all, kvm, Farrah Chen

tree:   https://git.kernel.org/pub/scm/virt/kvm/kvm.git kvm-mbec
head:   0cd666f1b567c059fb1b7c4de7d3c7a55e1d56e6
commit: 4e6f3b85892327c973fb5e7bf4633dce9ea63ec5 [23/42] KVM: x86/mmu: introduce ACC_READ_MASK
config: x86_64-randconfig-121 (https://download.01.org/0day-ci/archive/20260503/202605030445.y0PllUlP-lkp@intel.com/config)
compiler: gcc-14 (Debian 14.2.0-19) 14.2.0
sparse: v0.6.5-rc1
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20260503/202605030445.y0PllUlP-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202605030445.y0PllUlP-lkp@intel.com/

sparse warnings: (new ones prefixed by >>)
   arch/x86/kvm/mmu/mmu.c: note: in included file:
   arch/x86/kvm/mmu/paging_tmpl.h:106:24: sparse: sparse: cast truncates bits from constant value (ffffffffff000 becomes fffff000)
   arch/x86/kvm/mmu/paging_tmpl.h:440:24: sparse: sparse: cast truncates bits from constant value (ffffffffff000 becomes fffff000)
>> arch/x86/kvm/mmu/mmu.c:5596:82: sparse: sparse: cast truncates bits from constant value (ffff5555 becomes 5555)
>> arch/x86/kvm/mmu/mmu.c:5598:59: sparse: sparse: cast truncates bits from constant value (ffff3333 becomes 3333)
>> arch/x86/kvm/mmu/mmu.c:5607:63: sparse: sparse: cast truncates bits from constant value (ffff00ff becomes ff)
>> arch/x86/kvm/mmu/mmu.c:5614:62: sparse: sparse: cast truncates bits from constant value (ffff0f0f becomes f0f)
   arch/x86/kvm/mmu/mmu.c:5617:71: sparse: sparse: cast truncates bits from constant value (ffff00ff becomes ff)

vim +5596 arch/x86/kvm/mmu/mmu.c

  5531	
  5532	/*
  5533	 * Build a mask with all combinations of PTE access rights that
  5534	 * include the given access bit.  The mask can be queried with
  5535	 * "mask & (1 << access)", where access is a combination of
  5536	 * ACC_* bits.
  5537	 *
  5538	 * By mixing and matching multiple masks returned by ACC_BITS_MASK,
  5539	 * update_permission_bitmask() builds what is effectively a
  5540	 * two-dimensional array of bools.  The second dimension is
  5541	 * provided by individual bits of permissions[pfec >> 1], and
  5542	 * logical &, | and ~ operations operate on all the 16 possible
  5543	 * combinations of ACC_* bits.
  5544	 */
  5545	#define ACC_BITS_MASK(access) \
  5546		((1 & (access) ? 1 << 1 : 0) | \
  5547		 (2 & (access) ? 1 << 2 : 0) | \
  5548		 (3 & (access) ? 1 << 3 : 0) | \
  5549		 (4 & (access) ? 1 << 4 : 0) | \
  5550		 (5 & (access) ? 1 << 5 : 0) | \
  5551		 (6 & (access) ? 1 << 6 : 0) | \
  5552		 (7 & (access) ? 1 << 7 : 0) | \
  5553		 (8 & (access) ? 1 << 8 : 0) | \
  5554		 (9 & (access) ? 1 << 9 : 0) | \
  5555		 (10 & (access) ? 1 << 10 : 0) | \
  5556		 (11 & (access) ? 1 << 11 : 0) | \
  5557		 (12 & (access) ? 1 << 12 : 0) | \
  5558		 (13 & (access) ? 1 << 13 : 0) | \
  5559		 (14 & (access) ? 1 << 14 : 0) | \
  5560		 (15 & (access) ? 1 << 15 : 0))
  5561	
  5562	static void update_permission_bitmask(struct kvm_mmu *mmu, bool ept)
  5563	{
  5564		unsigned byte;
  5565	
  5566		const u16 x = ACC_BITS_MASK(ACC_EXEC_MASK);
  5567		const u16 w = ACC_BITS_MASK(ACC_WRITE_MASK);
  5568		const u16 r = ACC_BITS_MASK(ACC_READ_MASK);
  5569	
  5570		bool cr4_smep = is_cr4_smep(mmu);
  5571		bool cr4_smap = is_cr4_smap(mmu);
  5572		bool cr0_wp = is_cr0_wp(mmu);
  5573		bool efer_nx = is_efer_nx(mmu);
  5574	
  5575		/*
  5576		 * In hardware, page fault error codes are generated (as the name
  5577		 * suggests) on any kind of page fault.  permission_fault() and
  5578		 * paging_tmpl.h already use the same bits after a successful page
  5579		 * table walk, to indicate the kind of access being performed.
  5580		 *
  5581		 * However, PFERR_PRESENT_MASK and PFERR_RSVD_MASK are never set here,
  5582		 * exactly because the page walk is successful.  PFERR_PRESENT_MASK is
  5583		 * removed by the shift, while PFERR_RSVD_MASK is repurposed in
  5584		 * permission_fault() to indicate accesses that are *not* subject to
  5585		 * SMAP restrictions.
  5586		 */
  5587		for (byte = 0; byte < ARRAY_SIZE(mmu->permissions); ++byte) {
  5588			unsigned pfec = byte << 1;
  5589	
  5590			/*
  5591			 * Each "*f" variable has a 1 bit for each ACC_* combo
  5592			 * that causes a fault with the given PFEC.
  5593			 */
  5594	
  5595			/* Faults from reads to non-readable pages */
> 5596			u16 rf = (pfec & (PFERR_WRITE_MASK|PFERR_FETCH_MASK)) ? 0 : (u16)~r;
  5597			/* Faults from writes to non-writable pages */
> 5598			u16 wf = (pfec & PFERR_WRITE_MASK) ? (u16)~w : 0;
  5599			/* Faults from user mode accesses to supervisor pages */
  5600			u16 uf = 0;
  5601			/* Faults from fetches of non-executable pages */
  5602			u16 ff = 0;
  5603			/* Faults from kernel mode accesses of user pages */
  5604			u16 smapf = 0;
  5605	
  5606			if (ept) {
> 5607				ff = (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0;
  5608			} else {
  5609				const u16 u = ACC_BITS_MASK(ACC_USER_MASK);
  5610	
  5611				/* Faults from kernel mode accesses to user pages */
  5612				u16 kf = (pfec & PFERR_USER_MASK) ? 0 : u;
  5613	
> 5614				uf = (pfec & PFERR_USER_MASK) ? (u16)~u : 0;
  5615	
  5616				if (efer_nx)
  5617					ff = (pfec & PFERR_FETCH_MASK) ? (u16)~x : 0;
  5618	
  5619				/* Allow supervisor writes if !cr0.wp */
  5620				if (!cr0_wp)
  5621					wf = (pfec & PFERR_USER_MASK) ? wf : 0;
  5622	
  5623				/* Disallow supervisor fetches of user code if cr4.smep */
  5624				if (cr4_smep)
  5625					ff |= (pfec & PFERR_FETCH_MASK) ? kf : 0;
  5626	
  5627				/*
  5628				 * SMAP:kernel-mode data accesses from user-mode
  5629				 * mappings should fault. A fault is considered
  5630				 * as a SMAP violation if all of the following
  5631				 * conditions are true:
  5632				 *   - X86_CR4_SMAP is set in CR4
  5633				 *   - A user page is accessed
  5634				 *   - The access is not a fetch
  5635				 *   - The access is supervisor mode
  5636				 *   - If implicit supervisor access or X86_EFLAGS_AC is clear
  5637				 *
  5638				 * Here, we cover the first four conditions.  The fifth
  5639				 * is computed dynamically in permission_fault() and
  5640				 * communicated by setting PFERR_RSVD_MASK.
  5641				 */
  5642				if (cr4_smap)
  5643					smapf = (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf;
  5644			}
  5645	
  5646			mmu->permissions[byte] = ff | uf | wf | rf | smapf;
  5647		}
  5648	}
  5649	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2026-05-02 20:25 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-05-02 20:25 [kvm:kvm-mbec 23/42] arch/x86/kvm/mmu/mmu.c:5596:82: sparse: sparse: cast truncates bits from constant value (ffff5555 becomes 5555) kernel test robot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox