Date: Fri, 01 Jul 2022 14:48:49 +0100
Message-ID: <87letd0wqm.wl-maz@kernel.org>
From: Marc Zyngier
To: Schspa Shi
Cc: james.morse@arm.com, alexandru.elisei@arm.com, suzuki.poulose@arm.com, catalin.marinas@arm.com, will@kernel.org, linux-arm-kernel@lists.infradead.org, kvmarm@lists.cs.columbia.edu, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] KVM: arm64: Fix 64 bit mmio handle
In-Reply-To:
References: <20220630161220.53449-1-schspa@gmail.com> <87mtdu15ok.wl-maz@kernel.org>

On Fri, 01 Jul 2022 13:22:21 +0100,
Schspa Shi wrote:
>
>
> Marc Zyngier writes:
>
> > On 2022-06-30 17:50, Schspa Shi wrote:
> >> Marc Zyngier writes:
> >>
> >>> On Thu, 30 Jun 2022 17:12:20 +0100,
> >>> Schspa Shi wrote:
> >>>> If the len is 8 bytes, we can't get the correct sign extension for
> >>>> a BE system.
> >>> I'm afraid you'll have to give me a bit more details.
> >>>
> >>>> Fix the mask type len and the comparison of length.
> >>>> Signed-off-by: Schspa Shi
> >>>> ---
> >>>> arch/arm64/kvm/mmio.c | 4 ++--
> >>>> 1 file changed, 2 insertions(+), 2 deletions(-)
> >>>> diff --git a/arch/arm64/kvm/mmio.c b/arch/arm64/kvm/mmio.c
> >>>> index 3dd38a151d2a6..0692f8b18f35c 100644
> >>>> --- a/arch/arm64/kvm/mmio.c > >>>> +++ b/arch/arm64/kvm/mmio.c > >>>> @@ -81,8 +81,8 @@ unsigned long kvm_mmio_read_buf(const void > >>>> *buf, unsigned > >>>> int len) > >>>> int kvm_handle_mmio_return(struct kvm_vcpu *vcpu) > >>>> { > >>>> unsigned long data; > >>>> + unsigned long mask; > >>>> unsigned int len; > >>>> - int mask; > >>>> /* Detect an already handled MMIO return */ > >>>> if (unlikely(!vcpu->mmio_needed)) 
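Review bot: the type change at `- int mask;` / `+ unsigned long mask;` is the only substantive edit in this hunk, and the commit message ("Fix the mask type") does not say what an int mask actually gets wrong. As the thread settles, len on the sign-extension path is only ever 1, 2 or 4, so `1U << ((len * 8) - 1)` is at most 1U << 31 and a static-analyser overflow warning is the sole motivation offered; either describe the real defect or present this as a cleanup rather than a fix. Minor: the new declaration is placed above `unsigned int len;` instead of where `int mask;` was, which churns an unrelated line for no reason; keep the declaration in place.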
> >>>> @@ -97,7 +97,7 @@ int kvm_handle_mmio_return(struct kvm_vcpu > >>>> *vcpu) > >>>> data = kvm_mmio_read_buf(run->mmio.data, len); > >>>> if (kvm_vcpu_dabt_issext(vcpu) && > >>>> - len < sizeof(unsigned long)) { > >>>> + len <= sizeof(unsigned long)) {
> >>> If you're reading an 8 byte quantity, what is there to
> >>> sign-extend?
> >>> Sign extension only makes sense if what you're reading is
> >>> *smaller*
> >>> than the size of the register you are targeting.
> >>>
> >> Yes, you are correct, sorry for my bad patch.
> >> Please ignore this patch.
> >>
> >>> I must be missing something. And how is that related to running
> >>> BE? BE
> >>> in the host? The guest?
> >> I mean BE is for a guest running in BE mode.
> >
> > So what problem did you see? If you have noticed something going
> > wrong, I'd like to get it fixed.
> >
>
> I have been running some static code analysis software on the kernel code.
> It sees there is a possible overflow:
>
> mask << 1U << ((len * 8) -1);
>
> The AI doesn't know that len only takes the values 1, 2 and 4, and makes this
> a warning.
>
> I tried to analyse this, but didn't realize the real scenario of
> sign extension, and finally sent this problematic patch.
>
> I do see some uninitialized memory reads (the values are not used
> in the end, just as temporary space for API execution).
> Do we need to fix these?

You need to be more descriptive here. What uninitialised reads?

In general, pointing at the code and providing a full description
of what you think is incorrect would really help...

	M.

--
Without deviation from the norm, progress is not possible.
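Review bot: changing `- len < sizeof(unsigned long)) {` to `+ len <= sizeof(unsigned long)) {` goes the wrong way: sign extension only applies to loads strictly narrower than the 64-bit destination register, so an 8-byte load has nothing to extend, which is exactly the objection raised in the reply. Worse, once len == 8 enters this branch the mask computation quoted later in the thread, `1U << ((len * 8) - 1)`, shifts a 32-bit constant by 63, which is undefined in C regardless of how wide the variable receiving it is. Keep the strict comparison; if the motivation is the analyser warning, the answer is to document that len is bounded to 1, 2 or 4 here, not to widen the condition.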
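The rule Marc states above (extend only loads narrower than the target register, leave 8-byte loads alone), as an added example that is my own code and not code from the thread or from arch/arm64/kvm/mmio.c; the names mmio_needs_sext and mmio_sext, the (x ^ m) - m idiom and the sample values are my own choices:

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Added example, not code from arch/arm64/kvm/mmio.c: models the
 * sign-extension rule discussed in the thread.  A guest load of
 * 'len' bytes lands in a 64-bit register; only loads narrower than
 * that register need sign extension, so 8-byte loads pass through. */

/* Width of the target register in bytes (arm64 Xn). */
#define REG_BYTES sizeof(uint64_t)

/* True if a load of 'len' bytes is a candidate for sign extension.
 * Note the strict '<': len == REG_BYTES has nothing to extend. */
bool mmio_needs_sext(unsigned int len)
{
	return len < REG_BYTES;
}

/* Sign-extend a 'len'-byte value that was zero-extended into 'data'
 * when the guest instruction asked for a signed load ('issext').
 * The mask is 64-bit and the shift count is at most 31, so the shift
 * never reaches the operand width. */
uint64_t mmio_sext(uint64_t data, unsigned int len, bool issext)
{
	uint64_t mask;

	if (!issext || !mmio_needs_sext(len))
		return data;	/* unsigned load, or full-width load */

	mask = UINT64_C(1) << ((len * 8) - 1);	/* sign bit of the load */
	return (data ^ mask) - mask;		/* standard sign-extend idiom */
}

int main(void)
{
	/* Constructed sample values: byte, half-word, word and double-word. */
	printf("%#llx\n", (unsigned long long)mmio_sext(0x80, 1, true));
	printf("%#llx\n", (unsigned long long)mmio_sext(0x7fff, 2, true));
	printf("%#llx\n", (unsigned long long)mmio_sext(0x80000000ULL, 4, true));
	printf("%#llx\n", (unsigned long long)mmio_sext(0x80000000ULL, 8, true));
	return 0;
}
```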