public inbox for kvm@vger.kernel.org
 help / color / mirror / Atom feed
From: Dan Carpenter <dan.carpenter@oracle.com>
To: brijesh.singh@amd.com
Cc: kvm@vger.kernel.org
Subject: [bug report] KVM: SVM: Add KVM_SEND_UPDATE_DATA command
Date: Thu, 29 Apr 2021 10:20:10 +0300	[thread overview]
Message-ID: <YIpeKpSB7Wqkqn9f@mwanda> (raw)

Hello Brijesh Singh,

The patch d3d1af85e2c7: "KVM: SVM: Add KVM_SEND_UPDATE_DATA command"
from Apr 15, 2021, leads to the following static checker warning:

arch/x86/kvm/svm/sev.c:1268 sev_send_update_data() warn: 'guest_page' is an error pointer or valid
arch/x86/kvm/svm/sev.c:1316 sev_send_update_data() warn: maybe return -EFAULT instead of the bytes remaining?
arch/x86/kvm/svm/sev.c:1462 sev_receive_update_data() warn: 'guest_page' is an error pointer or valid

arch/x86/kvm/svm/sev.c
  1261          offset = params.guest_uaddr & (PAGE_SIZE - 1);
  1262          if ((params.guest_len + offset > PAGE_SIZE))
  1263                  return -EINVAL;
  1264  
  1265          /* Pin guest memory */
  1266          guest_page = sev_pin_memory(kvm, params.guest_uaddr & PAGE_MASK,
  1267                                      PAGE_SIZE, &n, 0);
  1268          if (!guest_page)

The sev_pin_memory() function returns error pointers, not NULL.

  1269                  return -EFAULT;
  1270  
  1271          /* allocate memory for header and transport buffer */
  1272          ret = -ENOMEM;
  1273          hdr = kmalloc(params.hdr_len, GFP_KERNEL_ACCOUNT);
  1274          if (!hdr)
  1275                  goto e_unpin;
  1276  
  1277          trans_data = kmalloc(params.trans_len, GFP_KERNEL_ACCOUNT);
  1278          if (!trans_data)
  1279                  goto e_free_hdr;
  1280  
  1281          memset(&data, 0, sizeof(data));
  1282          data.hdr_address = __psp_pa(hdr);
  1283          data.hdr_len = params.hdr_len;
  1284          data.trans_address = __psp_pa(trans_data);
  1285          data.trans_len = params.trans_len;
  1286  
  1287          /* The SEND_UPDATE_DATA command requires C-bit to be always set. */
  1288          data.guest_address = (page_to_pfn(guest_page[0]) << PAGE_SHIFT) + offset;
  1289          data.guest_address |= sev_me_mask;
  1290          data.guest_len = params.guest_len;
  1291          data.handle = sev->handle;
  1292  
  1293          ret = sev_issue_cmd(kvm, SEV_CMD_SEND_UPDATE_DATA, &data, &argp->error);
  1294  
  1295          if (ret)
  1296                  goto e_free_trans_data;
  1297  
  1298          /* copy transport buffer to user space */
  1299          if (copy_to_user((void __user *)(uintptr_t)params.trans_uaddr,
  1300                           trans_data, params.trans_len)) {
  1301                  ret = -EFAULT;
  1302                  goto e_free_trans_data;
  1303          }
  1304  
  1305          /* Copy packet header to userspace. */
  1306          ret = copy_to_user((void __user *)(uintptr_t)params.hdr_uaddr, hdr,
  1307                                  params.hdr_len);

This should be:
		 if (copy_to_user(...))
			ret = -EFAULT;

  1308  
  1309  e_free_trans_data:
  1310          kfree(trans_data);
  1311  e_free_hdr:
  1312          kfree(hdr);
  1313  e_unpin:
  1314          sev_unpin_memory(kvm, guest_page, n);
  1315  
  1316          return ret;
  1317  }

[ snip ]

  1456          data.trans_len = params.trans_len;
  1457  
  1458          /* Pin guest memory */
  1459          ret = -EFAULT;
  1460          guest_page = sev_pin_memory(kvm, params.guest_uaddr & PAGE_MASK,
  1461                                      PAGE_SIZE, &n, 0);
  1462          if (!guest_page)

IS_ERR(guest_page) here as well.

  1463                  goto e_free_trans;
  1464  
  1465          /* The RECEIVE_UPDATE_DATA command requires C-bit to be always set. */
  1466          data.guest_address = (page_to_pfn(guest_page[0]) << PAGE_SHIFT) + offset;
  1467          data.guest_address |= sev_me_mask;
  1468          data.guest_len = params.guest_len;
  1469          data.handle = sev->handle;
  1470  

regards,
dan carpenter

             reply	other threads:[~2021-04-29  7:21 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-04-29  7:20 Dan Carpenter [this message]
2021-05-06 18:09 ` [bug report] KVM: SVM: Add KVM_SEND_UPDATE_DATA command Sean Christopherson
2021-05-07  5:01   ` Dan Carpenter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=YIpeKpSB7Wqkqn9f@mwanda \
    --to=dan.carpenter@oracle.com \
    --cc=brijesh.singh@amd.com \
    --cc=kvm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox