[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 01/21] AMD/IOMMU: correct potentially-UB shifts

  • To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>
  • Date: Wed, 27 Apr 2022 13:08:04 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4a1pylHtIyeLWeqdGrWIC/pytrCE33KvdLSOGCsb71Q=; b=A+h0oLEbfAo7oVbq3Vds6mYR/x2z01VR13aelOZlnE1XgYS2DKmt9YzjMqU9c16CYSOwsOZhXIdasjIyuWo+U64QL9yw6y+398iYJkaIQKdtuS+z+irlnk7CMb64H0qWZV+j+rY1Dnu61pOkkIC3WasOiehGpKe5bml78XJbR1iIWtpdZlgZE5114SEM00jlB/AszHHzDIhq1C26nbUnsy2POMQuzNfeui6JKa4xudMqNWYHfnqyZ28H9XpmwhqVvFlWOZb1z0IReq6w4ihAbF+zhOS98N/XnFpowQtoJrVFh4H0R46AM99zuNWl7YbDKrQhHX/bOPPjKp8CJSC7cQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VmxMecN4vyCjET3oeJMa4Cwf1N/4px9acr0RveskWQhKcrQgxK8E6J5rjHkdXGZLbufYKXIjthGTs+Yi5Fnmhdo5i0tjtmatWCdK5HbyI9vth+oUFIsHWNjkrf40Gt2RFhrcV/6ttRlv4pMT1S8SE2scGzYy3t3M+Dud+tryvUYFrRxjt8c7q68A29CZJXOZ/Xn+jjFXko2tp4ed0b7NSfA5CfyVpl+r64McV/0REWD1ydcuyvAIbEGkz/+jNY8xr4ZOpoVUHSShK8Mrfp1bROr1KRqfI4rqOqTHy8HDNju4Hi+m8L28wKQ+D2fAGkw4HOSAbdaPQvtmbFuNrY290Q==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Paul Durrant <paul@xxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>
  • Delivery-date: Wed, 27 Apr 2022 13:08:47 +0000
  • Ironport-data: A9a23:XDZQkaDlmVJTExVW/1viw5YqxClBgxIJ4kV8jS/XYbTApDIm3mdUz zQXXT/Sbq6PYGrxf4xxPt7l9EIPuMeAndQ2QQY4rX1jcSlH+JHPbTi7wuYcHM8wwunrFh8PA xA2M4GYRCwMZiaA4E/raNANlFEkvU2ybuOU5NXsZ2YgHWeIdA970Ug5w7Jj3dYx6TSEK1jlV e3a8pW31GCNg1aYAkpMg05UgEoy1BhakGpwUm0WPZinjneH/5UmJMt3yZWKB2n5WuFp8tuSH I4v+l0bElTxpH/BAvv9+lryn9ZjrrT6ZWBigVIOM0Sub4QrSoXfHc/XOdJFAXq7hQllkPhIx u1QtIaRWD4lZKfXocQdVydYFjBHaPguFL/veRBTsOS15mifKT7J/K8rC0s7e4oF5uxwHGdCs +QCLywAZQyCgOTwx6+nTu5rhYIoK8yD0IE34yk8i22GS6h4B8yTK0nJzYYwMDMYr8ZCB/vBI eEebiJidk/oaBxTIFYHTpk5mY9Eg1GgK2UD+ALP/cLb5UDIyBNT9pfLMebFd9yBXP9amku6u kv/qjGR7hYycYb3JSC+2nCmi/LLnCj7cJkPD7D+/flv6HWDy2pWBBAIWF+TpfiillX4S99ZM 1YT+Cclse417kPDZsH0QhmQsHOC+BkGVLJt//YS7QiMzu/R/FyfD21dFDpZMoR65IkxWCAg0 UKPk5XxHztzvbaJSHWbsLCJsTe1PitTJmgHDcMZcTY4DxDYiNlbpnryohxLQcZZUvWd9enM/ g23
  • Ironport-hdrordr: A9a23:4JqGN6r03SlT6D9WTdd5XOsaV5tyLNV00zEX/kB9WHVpm5Oj+v xGzc5w6farsl0ssSkb6Ku90KnpewK+yXbsibNhcYtKLzOWwldAS7sSorcKogeQVhEWk9Qw6U 4OSdkYNDSdNzlHZIPBkXGF+rUbsZe6GcKT9IHjJh5WJGkEBZ2IrT0JczpzeXcGJjWucKBJcK Z0kfA3wgZIF052Uu2LQl0+G8TTrdzCk5zrJTQcAQQ81QWIhTS0rJbnDhmxxH4lInNy6IZn1V KAvx3y562lvf3+4ATbzXXv45Nfn8ak4sdfBfaLltMeJlzX+0WVjcVaKv+/VQIO0aWSAWUR4Z 7xStAbToJOAkbqDySISN3WqlDdOXgVmiffIBSj8AbeSITCNU4H4ox69MNkm1LimjQdVJsX6t M140uJ85VQFh/OhyL7+pzBUAxrjFO9pT44nfcUlGE3a/pXVFZ9l/1owKpuKuZIIMs60vFULM B+SMXHoPpGe1KTaH7U+mFp3dy3R3w2WhOLWFILtMCZ2yVf2CkR9TpT+OUP2nMbsJ4tQZhN4O rJdqxuibFVV8cTKaZwHv0IT8e7AnHEBRjMLGWRK1L6E7xvAQOHl7fnpLEuoO26cp0By5U/3J zHTVNDrGY3P1njDMWftac7hSwlgF/NKQgF5vsul6SR4IeMNYYDGRfzO2wGgo+nv+gVBNHdVr K6JI9WasWTWFfTJQ==
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHYWH7CdQN8poxboEyKGipqz5RIIq0DvqqA
  • Thread-topic: [PATCH v4 01/21] AMD/IOMMU: correct potentially-UB shifts
On 25/04/2022 09:30, Jan Beulich wrote:
> Recent changes (likely 5fafa6cf529a ["AMD/IOMMU: have callers specify
> the target level for page table walks"]) have made Coverity notice a
> shift count in iommu_pde_from_dfn() which might in theory grow too
> large. While this isn't a problem in practice, address the concern
> nevertheless to not leave dangling breakage in case very large
> superpages would be enabled at some point.
>
> Coverity ID: 1504264
>
> While there also address a similar issue in set_iommu_ptes_present().
> It's not clear to me why Coverity hasn't spotted that one.
>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> ---
> v4: New.
>
> --- a/xen/drivers/passthrough/amd/iommu_map.c
> +++ b/xen/drivers/passthrough/amd/iommu_map.c
> @@ -89,11 +89,11 @@ static unsigned int set_iommu_ptes_prese
>                                             bool iw, bool ir)
>  {
>      union amd_iommu_pte *table, *pde;
> -    unsigned int page_sz, flush_flags = 0;
> +    unsigned long page_sz = 1UL << (PTE_PER_TABLE_SHIFT * (pde_level - 1));

There's an off-by-12 error somewhere here.

Judging by it's use, it should be named mapping_frames (or similar) instead.

With that fixed, Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.