| Message ID | 20230307135233.54684-1-wei.w.wang@intel.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp2449446wrd;
Tue, 7 Mar 2023 06:08:30 -0800 (PST)
X-Google-Smtp-Source:
AK7set/u8Ix2p1uqyyYLbpZukXqXIuAmddj7NTcwm+qCZyBfH7BT4O1LvD4xLCB2jm0mC+zS9nGc
X-Received: by 2002:a05:6a20:3d0c:b0:bc:f45f:ecf7 with SMTP id
y12-20020a056a203d0c00b000bcf45fecf7mr17509862pzi.2.1678198109871;
Tue, 07 Mar 2023 06:08:29 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1678198109; cv=none;
d=google.com; s=arc-20160816;
b=VC+tHnA+yHn7KVnjebj4mGRDmMkGAeCtxkPqHAt7DDT2gP8qO1H5WO+TK/BBvJo9I0
VFKtkdcya8lSVSmH8dPZw/BAXw8DQMszdTUW3TLNBUBjlG0ZWpfIdo5FX0o0SGvQ7j/V
zxzXdK3qvr3t3GwkdZn9hlgJPRFZkLARriNd1doZJxFo+AToUXAbcgOS3tGGTWwvq/J3
x7d29Pd7OFSJ3NM3E4zRlEfRM59D5A3ABiIBlfjOyxW9m6XM+FOSA9iS1EozLx2jpDVr
eGrDnUG57VnB4pyV4NqcNVHL6HPKc+nZGabtJ8ExC1xzDleAuBgZTeOvxd9sbX265aEB
+rZQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=list-id:precedence:content-transfer-encoding:mime-version
:message-id:date:subject:cc:to:from:dkim-signature;
bh=/NkQpvRff7p8z6ePvuYHDLGWn4K7yrDY7SFSuJR9sB4=;
b=xSPZ+dMjp27+tOSvMd/e4tC/VqCHP7dOZFUPqeRB10dZ3oTo3W14HmluVPMBJM8aUg
FZTLcUmdaBlxLFsJUDgyBAA3CPfGIIORHBkxurmBVmyO8wyeQFZLSi+PqhCL46/v22hm
MPwGgiH9+SRBD1xUCJ7tgEDGlDwHD7sfHthglsmMV6khn41IH5Rrfmof1MiFPSht3SHm
k2coa4yA1iBqRVhqs52qkPD8/ggaEetSFJSUMneAv8qL1QQ6GKcPRUg2ItQb4pHbCRVt
oKCB/trfIElcWnbjZp1LcQwBwOaeBwC1SGGhnBbASBrN6s26mcramlsaQTLemBypqbGi
mmRg==
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=DsEKCHkf;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
by mx.google.com with ESMTP id
k11-20020aa7972b000000b005a8ec89de5fsi12020919pfg.236.2023.03.07.06.08.17;
Tue, 07 Mar 2023 06:08:29 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=DsEKCHkf;
spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
designates 2620:137:e000::1:20 as permitted sender)
smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S231148AbjCGNxY (ORCPT <rfc822;toshivichauhan@gmail.com>
+ 99 others); Tue, 7 Mar 2023 08:53:24 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54320 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S230377AbjCGNxJ (ORCPT
<rfc822;linux-kernel@vger.kernel.org>);
Tue, 7 Mar 2023 08:53:09 -0500
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A770B83888;
Tue, 7 Mar 2023 05:52:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
t=1678197158; x=1709733158;
h=from:to:cc:subject:date:message-id:mime-version:
content-transfer-encoding;
bh=sQ7LWgB/6JVGYkKwEe+WCyTFEuM/QI03P1Yc2gqbCAg=;
b=DsEKCHkffa/VMJPmZfwtfWKapbE3Q+Ep0Jmie9MnOokls+JwHn5aOne7
hpVyrfMXaJwKbGFFfeNoC3NLr6xbsUHnJoF61LJ1aUKIwuihTmbo7Cc/o
KSI2VOf1hjidNPZiUAG1LcWc0udParN6p7Co/H8fvo31WoL3Qp2XnxEDi
KFoOWfPsbHSKM2md0GtkWD4HfeiANrdu+PfWYGxiasjA/DCxaOPPoKCuT
KKwRR6FP5Fu1FqWqN2QYx6VMYLY7jimkdcxS5h9DUiaEaYUHVaKFJMUwX
WU2xOR09tpPYCnBQuBE4LDoAM3SadLLfqi9/rSe475H9goybJP4MyGL8m
A==;
X-IronPort-AV: E=McAfee;i="6500,9779,10641"; a="400675435"
X-IronPort-AV: E=Sophos;i="5.98,241,1673942400";
d="scan'208";a="400675435"
Received: from orsmga003.jf.intel.com ([10.7.209.27])
by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
07 Mar 2023 05:52:38 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=McAfee;i="6500,9779,10641"; a="626551621"
X-IronPort-AV: E=Sophos;i="5.98,241,1673942400";
d="scan'208";a="626551621"
Received: from tdx-lm.sh.intel.com ([10.239.53.27])
by orsmga003.jf.intel.com with ESMTP; 07 Mar 2023 05:52:35 -0800
From: Wei Wang <wei.w.wang@intel.com>
To: seanjc@google.com, dmatlack@google.com, mizhang@google.com,
isaku.yamahata@gmail.com, pbonzini@redhat.com
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Wei Wang <wei.w.wang@intel.com>
Subject: [PATCH v2] KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond
Date: Tue, 7 Mar 2023 21:52:33 +0800
Message-Id: <20230307135233.54684-1-wei.w.wang@intel.com>
X-Mailer: git-send-email 2.27.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,
RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE,URIBL_BLOCKED autolearn=ham
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1759718261245957431?=
X-GMAIL-MSGID: =?utf-8?q?1759718261245957431?=
|
| Series |
[v2] KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond
|
|
Commit Message
Wang, Wei W
March 7, 2023, 1:52 p.m. UTC
Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from callers is
32-bit as it casts 'cond' to the type of int. This will be wrong if 'cond'
provided by a caller is 64-bit, e.g. an error code of 0xc0000d0300000000
will be converted to 0, which is not expected.
Improves the implementation by using bool in KVM_BUG and KVM_BUG_ON.
'bool' is preferred to 'int' as __ret is essentially used as a boolean
and coding-stytle.rst documents that use of bool is encouraged to improve
readability and is often a better option than 'int' for storing boolean
values.
Fixes: 0b8f11737cff ("KVM: Add infrastructure and macro to mark VM as bugged")
Signed-off-by: Wei Wang <wei.w.wang@intel.com>
---
include/linux/kvm_host.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
On Tue, Mar 7, 2023 at 5:52 AM Wei Wang <wei.w.wang@intel.com> wrote: > > Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from callers is > 32-bit as it casts 'cond' to the type of int. This will be wrong if 'cond' > provided by a caller is 64-bit, e.g. an error code of 0xc0000d0300000000 > will be converted to 0, which is not expected. > > Improves the implementation by using bool in KVM_BUG and KVM_BUG_ON. > 'bool' is preferred to 'int' as __ret is essentially used as a boolean > and coding-stytle.rst documents that use of bool is encouraged to improve > readability and is often a better option than 'int' for storing boolean > values. > > Fixes: 0b8f11737cff ("KVM: Add infrastructure and macro to mark VM as bugged") > Signed-off-by: Wei Wang <wei.w.wang@intel.com> > --- Reviewed-by: Mingwei Zhang <mizhang@google.com>
On Tue, Mar 07, 2023, Wei Wang wrote: > Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from callers is > 32-bit as it casts 'cond' to the type of int. You're very generous, I would have led with "Fix a badly done copy+paste ..." ;-) > Fixes: 0b8f11737cff ("KVM: Add infrastructure and macro to mark VM as bugged") > Signed-off-by: Wei Wang <wei.w.wang@intel.com> > --- Reviewed-by: Sean Christopherson <seanjc@google.com>
On Thursday, March 9, 2023 7:26 AM, Sean Christopherson wrote: > On Tue, Mar 07, 2023, Wei Wang wrote: > > Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from > callers > > is 32-bit as it casts 'cond' to the type of int. > > You're very generous, I would have led with "Fix a badly done > copy+paste ..." ;-) > > > Fixes: 0b8f11737cff ("KVM: Add infrastructure and macro to mark VM as > > bugged") > > Signed-off-by: Wei Wang <wei.w.wang@intel.com> > > --- > > Reviewed-by: Sean Christopherson <seanjc@google.com> Kind ping on this patch. Seems it wasn't noticed for months. Just check if it would be good to be merged or not proper for any reason? Thanks, Wei
On Thu, Jun 01, 2023, Wei W Wang wrote: > On Thursday, March 9, 2023 7:26 AM, Sean Christopherson wrote: > > On Tue, Mar 07, 2023, Wei Wang wrote: > > > Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from > > callers > > > is 32-bit as it casts 'cond' to the type of int. > > > > You're very generous, I would have led with "Fix a badly done > > copy+paste ..." ;-) > > > > > Fixes: 0b8f11737cff ("KVM: Add infrastructure and macro to mark VM as > > > bugged") > > > Signed-off-by: Wei Wang <wei.w.wang@intel.com> > > > --- > > > > Reviewed-by: Sean Christopherson <seanjc@google.com> > > Kind ping on this patch. > Seems it wasn't noticed for months. Just check if it would be good to be > merged or not proper for any reason? I'll grab it for 6.5.
On Friday, June 2, 2023 12:21 AM, Sean Christopherson wrote: > On Thu, Jun 01, 2023, Wei W Wang wrote: > > On Thursday, March 9, 2023 7:26 AM, Sean Christopherson wrote: > > > On Tue, Mar 07, 2023, Wei Wang wrote: > > > > Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from > > > callers > > > > is 32-bit as it casts 'cond' to the type of int. > > > > > > You're very generous, I would have led with "Fix a badly done > > > copy+paste ..." ;-) > > > > > > > Fixes: 0b8f11737cff ("KVM: Add infrastructure and macro to mark VM > > > > as > > > > bugged") > > > > Signed-off-by: Wei Wang <wei.w.wang@intel.com> > > > > --- > > > > > > Reviewed-by: Sean Christopherson <seanjc@google.com> > > > > Kind ping on this patch. > > Seems it wasn't noticed for months. Just check if it would be good to > > be merged or not proper for any reason? > > I'll grab it for 6.5. OK, thanks. Please check if these two are ready to go into 6.5 if possible: https://lore.kernel.org/kvm/20230315101606.10636-1-wei.w.wang@intel.com/ https://lore.kernel.org/kvm/20230207123713.3905-1-wei.w.wang@intel.com/
On Tue, 07 Mar 2023 21:52:33 +0800, Wei Wang wrote: > Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from callers is > 32-bit as it casts 'cond' to the type of int. This will be wrong if 'cond' > provided by a caller is 64-bit, e.g. an error code of 0xc0000d0300000000 > will be converted to 0, which is not expected. > > Improves the implementation by using bool in KVM_BUG and KVM_BUG_ON. > 'bool' is preferred to 'int' as __ret is essentially used as a boolean > and coding-stytle.rst documents that use of bool is encouraged to improve > readability and is often a better option than 'int' for storing boolean > values. > > [...] Applied to kvm-x86 generic, thanks! [1/1] KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond https://github.com/kvm-x86/linux/commit/c9d601548603 -- https://github.com/kvm-x86/linux/tree/next https://github.com/kvm-x86/linux/tree/fixes
On 6/2/23 03:20, Sean Christopherson wrote: > On Tue, 07 Mar 2023 21:52:33 +0800, Wei Wang wrote: >> Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from callers is >> 32-bit as it casts 'cond' to the type of int. This will be wrong if 'cond' >> provided by a caller is 64-bit, e.g. an error code of 0xc0000d0300000000 >> will be converted to 0, which is not expected. >> >> Improves the implementation by using bool in KVM_BUG and KVM_BUG_ON. >> 'bool' is preferred to 'int' as __ret is essentially used as a boolean >> and coding-stytle.rst documents that use of bool is encouraged to improve >> readability and is often a better option than 'int' for storing boolean >> values. >> >> [...] > > Applied to kvm-x86 generic, thanks! > > [1/1] KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond > https://github.com/kvm-x86/linux/commit/c9d601548603 I guess this makes the !! in kvm_vm_ioctl_create_vcpu() unnecessary: KVM_BUG_ON(!!xa_store(&kvm->vcpu_array, vcpu->vcpu_idx, vcpu, 0)... Is it worth a patch (perhaps along with chopping off !! in kvm_msr_allowed() and few other places)?
On Fri, Jun 02, 2023, Michal Luczaj wrote: > On 6/2/23 03:20, Sean Christopherson wrote: > > On Tue, 07 Mar 2023 21:52:33 +0800, Wei Wang wrote: > >> Current KVM_BUG and KVM_BUG_ON assume that 'cond' passed from callers is > >> 32-bit as it casts 'cond' to the type of int. This will be wrong if 'cond' > >> provided by a caller is 64-bit, e.g. an error code of 0xc0000d0300000000 > >> will be converted to 0, which is not expected. > >> > >> Improves the implementation by using bool in KVM_BUG and KVM_BUG_ON. > >> 'bool' is preferred to 'int' as __ret is essentially used as a boolean > >> and coding-stytle.rst documents that use of bool is encouraged to improve > >> readability and is often a better option than 'int' for storing boolean > >> values. > >> > >> [...] > > > > Applied to kvm-x86 generic, thanks! > > > > [1/1] KVM: allow KVM_BUG/KVM_BUG_ON to handle 64-bit cond > > https://github.com/kvm-x86/linux/commit/c9d601548603 > > I guess this makes the !! in kvm_vm_ioctl_create_vcpu() unnecessary: > > KVM_BUG_ON(!!xa_store(&kvm->vcpu_array, vcpu->vcpu_idx, vcpu, 0)... Ya, I saw that, which in addition to Wei's ping, is what reminded me that the KVM_BUG_ON() fix hadn't been merged. > Is it worth a patch (perhaps along with chopping off !! in > kvm_msr_allowed() and few other places)? Yes, I think so.
On 6/2/23 18:56, Sean Christopherson wrote: > On Fri, Jun 02, 2023, Michal Luczaj wrote: >> I guess this makes the !! in kvm_vm_ioctl_create_vcpu() unnecessary: >> >> KVM_BUG_ON(!!xa_store(&kvm->vcpu_array, vcpu->vcpu_idx, vcpu, 0)... > > Ya, I saw that, which in addition to Wei's ping, is what reminded me that the > KVM_BUG_ON() fix hadn't been merged. > >> Is it worth a patch (perhaps along with chopping off !! in >> kvm_msr_allowed() and few other places)? > > Yes, I think so. OK, so xa_store() aside[*], I see some bool-to-bools: arch/x86/kvm/x86.c: kvm_msr_allowed():allowed = !!test_bit(index - start, bitmap); arch/x86/kvm/hyperv.c: kvm_hv_hypercall():hc.rep = !!(hc.rep_cnt || hc.rep_idx); arch/x86/kvm/mmu/mmu.c: update_pkru_bitmask(): pkey_bits = !!check_pkey; pkey_bits |= (!!check_write) << 1; arch/x86/kvm/svm/svm.c: msr_write_intercepted():return !!test_bit(bit_write, &tmp); svm_vcpu_after_set_cpuid(): 2x set_msr_interception... tools/testing/selftests/kvm/x86_64/vmx_exception_with_invalid_guest_state.c: set_or_clear_invalid_guest_state():sregs.tr.unusable = !!set; But perhaps this is a matter of style and those were meant to be this kind-of explicit? [*] https://lore.kernel.org/kvm/20230605114852.288964-1-mhal@rbox.co/
On Mon, Jun 05, 2023, Michal Luczaj wrote: > On 6/2/23 18:56, Sean Christopherson wrote: > > On Fri, Jun 02, 2023, Michal Luczaj wrote: > >> I guess this makes the !! in kvm_vm_ioctl_create_vcpu() unnecessary: > >> > >> KVM_BUG_ON(!!xa_store(&kvm->vcpu_array, vcpu->vcpu_idx, vcpu, 0)... > > > > Ya, I saw that, which in addition to Wei's ping, is what reminded me that the > > KVM_BUG_ON() fix hadn't been merged. > > > >> Is it worth a patch (perhaps along with chopping off !! in > >> kvm_msr_allowed() and few other places)? > > > > Yes, I think so. > > OK, so xa_store() aside[*], I see some bool-to-bools: > > arch/x86/kvm/x86.c: > kvm_msr_allowed():allowed = !!test_bit(index - start, bitmap); > arch/x86/kvm/hyperv.c: > kvm_hv_hypercall():hc.rep = !!(hc.rep_cnt || hc.rep_idx); > arch/x86/kvm/mmu/mmu.c: > update_pkru_bitmask(): > pkey_bits = !!check_pkey; > pkey_bits |= (!!check_write) << 1; > arch/x86/kvm/svm/svm.c: > msr_write_intercepted():return !!test_bit(bit_write, &tmp); > svm_vcpu_after_set_cpuid(): > 2x set_msr_interception... > tools/testing/selftests/kvm/x86_64/vmx_exception_with_invalid_guest_state.c: > set_or_clear_invalid_guest_state():sregs.tr.unusable = !!set; > > But perhaps this is a matter of style and those were meant to be this kind-of > explicit? I doubt it, I'm guessing most cases are due to the author being overzealous for one reason or another, e.g. I suspect the test_bit() ones are due to the original author incorrectly assuming test_bit() returned an unsigned long, i.e. the bit, as opposed to the bool. If you want to clean these up, I'd say "fix" the test_bit() cases, but leave the others alone. The test_bit() ones are clearly redundant, and IMO can be actively due to implying test_bit() returns something other than a bool. > [*] https://lore.kernel.org/kvm/20230605114852.288964-1-mhal@rbox.co/
On 6/5/23 17:19, Sean Christopherson wrote: > On Mon, Jun 05, 2023, Michal Luczaj wrote: >> OK, so xa_store() aside[*], I see some bool-to-bools: >> >> arch/x86/kvm/x86.c: >> kvm_msr_allowed():allowed = !!test_bit(index - start, bitmap); >> arch/x86/kvm/hyperv.c: >> kvm_hv_hypercall():hc.rep = !!(hc.rep_cnt || hc.rep_idx); >> arch/x86/kvm/mmu/mmu.c: >> update_pkru_bitmask(): >> pkey_bits = !!check_pkey; >> pkey_bits |= (!!check_write) << 1; >> arch/x86/kvm/svm/svm.c: >> msr_write_intercepted():return !!test_bit(bit_write, &tmp); >> svm_vcpu_after_set_cpuid(): >> 2x set_msr_interception... >> tools/testing/selftests/kvm/x86_64/vmx_exception_with_invalid_guest_state.c: >> set_or_clear_invalid_guest_state():sregs.tr.unusable = !!set; >> >> But perhaps this is a matter of style and those were meant to be this kind-of >> explicit? > > I doubt it, I'm guessing most cases are due to the author being overzealous for > one reason or another, e.g. I suspect the test_bit() ones are due to the original > author incorrectly assuming test_bit() returned an unsigned long, i.e. the bit, > as opposed to the bool. > > If you want to clean these up, I'd say "fix" the test_bit() cases, but leave the > others alone. The test_bit() ones are clearly redundant, and IMO can be actively > due to implying test_bit() returns something other than a bool. Done: https://lore.kernel.org/kvm/20230605200158.118109-1-mhal@rbox.co/
diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h index f06635b24bd0..0221a48b3e3d 100644 --- a/include/linux/kvm_host.h +++ b/include/linux/kvm_host.h @@ -881,7 +881,7 @@ static inline void kvm_vm_bugged(struct kvm *kvm) #define KVM_BUG(cond, kvm, fmt...) \ ({ \ - int __ret = (cond); \ + bool __ret = !!(cond); \ \ if (WARN_ONCE(__ret && !(kvm)->vm_bugged, fmt)) \ kvm_vm_bugged(kvm); \ @@ -890,7 +890,7 @@ static inline void kvm_vm_bugged(struct kvm *kvm) #define KVM_BUG_ON(cond, kvm) \ ({ \ - int __ret = (cond); \ + bool __ret = !!(cond); \ \ if (WARN_ON_ONCE(__ret && !(kvm)->vm_bugged)) \ kvm_vm_bugged(kvm); \