If misc_cg_set_capacity() fails for some reason then we have
a memleak for sev_reclaim_asid_bitmap/sev_asid_bitmap. It's
not a case right now, because misc_cg_set_capacity() just can't
fail and check inside it is always successful.
But let's fix that for code consistency.
Cc: Sean Christopherson <[email protected]>
Cc: Paolo Bonzini <[email protected]>
Cc: Stéphane Graber <[email protected]>
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Alexander Mikhalitsyn <[email protected]>
---
arch/x86/kvm/svm/sev.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index c25aeb550cd9..a42536a0681a 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2213,8 +2213,13 @@ void __init sev_hardware_setup(void)
}
sev_asid_count = max_sev_asid - min_sev_asid + 1;
- if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count))
+ if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count)) {
+ bitmap_free(sev_reclaim_asid_bitmap);
+ sev_reclaim_asid_bitmap = NULL;
+ bitmap_free(sev_asid_bitmap);
+ sev_asid_bitmap = NULL;
goto out;
+ }
pr_info("SEV supported: %u ASIDs\n", sev_asid_count);
sev_supported = true;
--
2.34.1
On Tue, 4 Apr 2023 14:26:51 +0200
Alexander Mikhalitsyn <[email protected]> wrote:
> If misc_cg_set_capacity() fails for some reason then we have
> a memleak for sev_reclaim_asid_bitmap/sev_asid_bitmap. It's
> not a case right now, because misc_cg_set_capacity() just can't
> fail and check inside it is always successful.
>
> But let's fix that for code consistency.
>
> Cc: Sean Christopherson <[email protected]>
> Cc: Paolo Bonzini <[email protected]>
> Cc: St?phane Graber <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Signed-off-by: Alexander Mikhalitsyn <[email protected]>
> ---
> arch/x86/kvm/svm/sev.c | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> index c25aeb550cd9..a42536a0681a 100644
> --- a/arch/x86/kvm/svm/sev.c
> +++ b/arch/x86/kvm/svm/sev.c
> @@ -2213,8 +2213,13 @@ void __init sev_hardware_setup(void)
> }
>
> sev_asid_count = max_sev_asid - min_sev_asid + 1;
> - if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count))
> + if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count)) {
> + bitmap_free(sev_reclaim_asid_bitmap);
> + sev_reclaim_asid_bitmap = NULL;
> + bitmap_free(sev_asid_bitmap);
> + sev_asid_bitmap = NULL;
> goto out;
> + }
>
> pr_info("SEV supported: %u ASIDs\n", sev_asid_count);
> sev_supported = true;
It would be nice that another case can also be fixed:
sev_es_asid_count = min_sev_asid - 1;
if (misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count))
goto out; /* <----HERE */
Maybe it would be a good idea to factor out an common error handling path.
On Tue, Apr 11, 2023 at 9:47 PM Zhi Wang <[email protected]> wrote:
>
> On Tue, 4 Apr 2023 14:26:51 +0200
> Alexander Mikhalitsyn <[email protected]> wrote:
>
> > If misc_cg_set_capacity() fails for some reason then we have
> > a memleak for sev_reclaim_asid_bitmap/sev_asid_bitmap. It's
> > not a case right now, because misc_cg_set_capacity() just can't
> > fail and check inside it is always successful.
> >
> > But let's fix that for code consistency.
> >
> > Cc: Sean Christopherson <[email protected]>
> > Cc: Paolo Bonzini <[email protected]>
> > Cc: Stéphane Graber <[email protected]>
> > Cc: [email protected]
> > Cc: [email protected]
> > Signed-off-by: Alexander Mikhalitsyn <[email protected]>
> > ---
> > arch/x86/kvm/svm/sev.c | 7 ++++++-
> > 1 file changed, 6 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> > index c25aeb550cd9..a42536a0681a 100644
> > --- a/arch/x86/kvm/svm/sev.c
> > +++ b/arch/x86/kvm/svm/sev.c
> > @@ -2213,8 +2213,13 @@ void __init sev_hardware_setup(void)
> > }
> >
> > sev_asid_count = max_sev_asid - min_sev_asid + 1;
> > - if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count))
> > + if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count)) {
> > + bitmap_free(sev_reclaim_asid_bitmap);
> > + sev_reclaim_asid_bitmap = NULL;
> > + bitmap_free(sev_asid_bitmap);
> > + sev_asid_bitmap = NULL;
> > goto out;
> > + }
> >
> > pr_info("SEV supported: %u ASIDs\n", sev_asid_count);
> > sev_supported = true;
>
> It would be nice that another case can also be fixed:
>
> sev_es_asid_count = min_sev_asid - 1;
> if (misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count))
> goto out; /* <----HERE */
Nope.
There is no leak. Because when we are at this point then sev_supported
= true and everything is fine.
>
> Maybe it would be a good idea to factor out an common error handling path.
On Wed, 12 Apr 2023 16:52:23 +0200
Aleksandr Mikhalitsyn <[email protected]> wrote:
> On Tue, Apr 11, 2023 at 9:47 PM Zhi Wang <[email protected]> wrote:
> >
> > On Tue, 4 Apr 2023 14:26:51 +0200
> > Alexander Mikhalitsyn <[email protected]> wrote:
> >
> > > If misc_cg_set_capacity() fails for some reason then we have
> > > a memleak for sev_reclaim_asid_bitmap/sev_asid_bitmap. It's
> > > not a case right now, because misc_cg_set_capacity() just can't
> > > fail and check inside it is always successful.
> > >
> > > But let's fix that for code consistency.
> > >
> > > Cc: Sean Christopherson <[email protected]>
> > > Cc: Paolo Bonzini <[email protected]>
> > > Cc: Stéphane Graber <[email protected]>
> > > Cc: [email protected]
> > > Cc: [email protected]
> > > Signed-off-by: Alexander Mikhalitsyn <[email protected]>
> > > ---
> > > arch/x86/kvm/svm/sev.c | 7 ++++++-
> > > 1 file changed, 6 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> > > index c25aeb550cd9..a42536a0681a 100644
> > > --- a/arch/x86/kvm/svm/sev.c
> > > +++ b/arch/x86/kvm/svm/sev.c
> > > @@ -2213,8 +2213,13 @@ void __init sev_hardware_setup(void)
> > > }
> > >
> > > sev_asid_count = max_sev_asid - min_sev_asid + 1;
> > > - if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count))
> > > + if (misc_cg_set_capacity(MISC_CG_RES_SEV, sev_asid_count)) {
> > > + bitmap_free(sev_reclaim_asid_bitmap);
> > > + sev_reclaim_asid_bitmap = NULL;
> > > + bitmap_free(sev_asid_bitmap);
> > > + sev_asid_bitmap = NULL;
> > > goto out;
> > > + }
> > >
> > > pr_info("SEV supported: %u ASIDs\n", sev_asid_count);
> > > sev_supported = true;
> >
> > It would be nice that another case can also be fixed:
> >
> > sev_es_asid_count = min_sev_asid - 1;
> > if (misc_cg_set_capacity(MISC_CG_RES_SEV_ES, sev_es_asid_count))
> > goto out; /* <----HERE */
>
> Nope.
>
> There is no leak. Because when we are at this point then sev_supported
> = true and everything is fine.
>
Uh. You are right. Sorry that I was giving this comment based on my on-going
development branch.
> >
> > Maybe it would be a good idea to factor out an common error handling path.