From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: Keir Fraser <keir@xen.org>,
suravee.suthikulpanit@amd.com, Eddie Dong <eddie.dong@intel.com>,
Jacob Shin <jacob.shin@amd.com>,
Jun Nakajima <jun.nakajima@intel.com>,
xen-devel <xen-devel@lists.xenproject.org>,
Boris Ostrovsky <boris.ostrovsky@oracle.com>
Subject: Re: [PATCH v2] hvm/vpmu: Prevent dump handlers from incorrectly mutating state
Date: Thu, 12 Sep 2013 10:38:23 +0100 [thread overview]
Message-ID: <52318B8F.3070109@citrix.com> (raw)
In-Reply-To: <52318D1F02000078000F29E7@nat28.tlf.novell.com>
On 12/09/13 08:45, Jan Beulich wrote:
> Discovered by Coverity, CID 1055181
>
> core2_vpmu_dump() was incorrectly setting VPMU_CONTEXT_LOADED when it
> was intending to check for it.
>
> Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
>
> This would have been avoided if the dump function declared all its
> pointers "const" - doing this now (also in SVM).
>
> Also fixing some indentation issues at once.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
>
> --- a/xen/arch/x86/hvm/svm/vpmu.c
> +++ b/xen/arch/x86/hvm/svm/vpmu.c
> @@ -415,10 +415,10 @@ static void amd_vpmu_destroy(struct vcpu
> }
>
> /* VPMU part of the 'q' keyhandler */
> -static void amd_vpmu_dump(struct vcpu *v)
> +static void amd_vpmu_dump(const struct vcpu *v)
> {
> - struct vpmu_struct *vpmu = vcpu_vpmu(v);
> - struct amd_vpmu_context *ctxt = vpmu->context;
> + const struct vpmu_struct *vpmu = vcpu_vpmu(v);
> + const struct amd_vpmu_context *ctxt = vpmu->context;
> unsigned int i;
>
> printk(" VPMU state: 0x%x ", vpmu->flags);
> @@ -447,9 +447,9 @@ static void amd_vpmu_dump(struct vcpu *v
>
> rdmsrl(ctrls[i], ctrl);
> rdmsrl(counters[i], cntr);
> - printk(" 0x%08x: 0x%lx (0x%lx in HW) 0x%08x: 0x%lx (0x%lx in HW)\n",
> - ctrls[i], ctxt->ctrls[i], ctrl,
> - counters[i], ctxt->counters[i], cntr);
> + printk(" %#x: %#lx (%#lx in HW) %#x: %#lx (%#lx in HW)\n",
> + ctrls[i], ctxt->ctrls[i], ctrl,
> + counters[i], ctxt->counters[i], cntr);
> }
> }
>
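Review bot: The switch from `0x%08x`/`0x%lx` to `%#x`/`%#lx` in this printk changes the dump output beyond the indentation cleanup the description mentions. The MSR index loses its fixed width, so rows no longer line up, and the `#` flag prints a zero value as a bare `0` with no `0x` prefix. If anyone reads or parses the 'q' keyhandler output column-wise, keeping `0x%08x` for the index and changing only the continuation-line indentation would preserve the old layout. The same applies to the `ctrl: %#lx` change in the last core2_vpmu_dump() hunk, which now mixes `0x%016lx` and `%#lx` in a single format string. The enclosing loop and function start outside this hunk.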
> --- a/xen/arch/x86/hvm/vmx/vpmu_core2.c
> +++ b/xen/arch/x86/hvm/vmx/vpmu_core2.c
> @@ -678,11 +678,11 @@ static void core2_vpmu_do_cpuid(unsigned
> }
>
> /* Dump vpmu info on console, called in the context of keyhandler 'q'. */
> -static void core2_vpmu_dump(struct vcpu *v)
> +static void core2_vpmu_dump(const struct vcpu *v)
> {
> - struct vpmu_struct *vpmu = vcpu_vpmu(v);
> + const struct vpmu_struct *vpmu = vcpu_vpmu(v);
> int i, num;
> - struct core2_vpmu_context *core2_vpmu_cxt = NULL;
> + const struct core2_vpmu_context *core2_vpmu_cxt = NULL;
> u64 val;
>
> if ( !vpmu_is_set(vpmu, VPMU_CONTEXT_ALLOCATED) )
> @@ -690,7 +690,7 @@ static void core2_vpmu_dump(struct vcpu
>
> if ( !vpmu_is_set(vpmu, VPMU_RUNNING) )
> {
> - if ( vpmu_set(vpmu, VPMU_CONTEXT_LOADED) )
> + if ( vpmu_is_set(vpmu, VPMU_CONTEXT_LOADED) )
> printk(" vPMU loaded\n");
> else
> printk(" vPMU allocated\n");
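Review bot: The original typo on the `VPMU_CONTEXT_LOADED` test compiled cleanly, which suggests `vpmu_set()` yields a value that can sit inside an `if`; this is why a diagnostic handler could silently set a state flag until Coverity flagged it. The const qualification added in this patch protects the dump functions, but any other caller holding a non-const `struct vpmu_struct *` remains open to the same slip. Assuming `vpmu_set`/`vpmu_reset` are expression macros (their definitions are not in the visible hunks), making them statement-only, e.g. `#define vpmu_set(_vpmu, _x) do { (_vpmu)->flags |= (_x); } while (0)`, or `static inline void` functions, would turn any use in a condition into a compile error. The enclosing function begins and ends outside this hunk.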
> @@ -703,10 +703,11 @@ static void core2_vpmu_dump(struct vcpu
> /* Print the contents of the counter and its configuration msr. */
> for ( i = 0; i < num; i++ )
> {
> - struct arch_msr_pair* msr_pair = core2_vpmu_cxt->arch_msr_pair;
> + const struct arch_msr_pair *msr_pair = core2_vpmu_cxt->arch_msr_pair;
> +
> if ( core2_vpmu_cxt->pmu_enable->arch_pmc_enable[i] )
> printk(" general_%d: 0x%016lx ctrl: 0x%016lx\n",
> - i, msr_pair[i].counter, msr_pair[i].control);
> + i, msr_pair[i].counter, msr_pair[i].control);
> }
> /*
> * The configuration of the fixed counter is 4 bits each in the
> @@ -716,9 +717,9 @@ static void core2_vpmu_dump(struct vcpu
> for ( i = 0; i < core2_fix_counters.num; i++ )
> {
> if ( core2_vpmu_cxt->pmu_enable->fixed_ctr_enable[i] )
> - printk(" fixed_%d: 0x%016lx ctrl: 0x%lx\n",
> - i, core2_vpmu_cxt->fix_counters[i],
> - val & FIXED_CTR_CTRL_MASK);
> + printk(" fixed_%d: 0x%016lx ctrl: %#lx\n",
> + i, core2_vpmu_cxt->fix_counters[i],
> + val & FIXED_CTR_CTRL_MASK);
> val >>= FIXED_CTR_CTRL_BITS;
> }
> }
> --- a/xen/include/asm-x86/hvm/vpmu.h
> +++ b/xen/include/asm-x86/hvm/vpmu.h
> @@ -54,7 +54,7 @@ struct arch_vpmu_ops {
> void (*arch_vpmu_destroy)(struct vcpu *v);
> int (*arch_vpmu_save)(struct vcpu *v);
> void (*arch_vpmu_load)(struct vcpu *v);
> - void (*arch_vpmu_dump)(struct vcpu *v);
> + void (*arch_vpmu_dump)(const struct vcpu *);
> };
>
> int vmx_vpmu_initialise(struct vcpu *, unsigned int flags);
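Review bot: The new `arch_vpmu_dump` member drops the parameter name while the three neighbouring hooks in `struct arch_vpmu_ops` keep `v`; `void (*arch_vpmu_dump)(const struct vcpu *v);` would stay consistent with them. Separately, the visible hunks const-qualify only the two arch handlers and this hook. If the generic function that dispatches through `arch_vpmu_dump` still takes a non-const `struct vcpu *` (it is not shown here), qualifying it as well would extend the compile-time guard against state mutation to the whole dump path.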
>
>