2019-05-21 17:25:33

by Rik van Riel

[permalink] [raw]
Subject: [PATCH] kvm: change KVM_REQUEST_MASK to reflect vcpu.requests size

The code using KVM_REQUEST_MASK uses a pattern reminiscent of a bitmask:

set_bit(req & KVM_REQUEST_MASK, &vcpu->requests);

However, the first argument passed to set_bit, test_bit, and clear_bit
is a bit number, not a bitmask. That means the current definition would
allow users of kvm_make_request to overflow the vcpu.requests bitmask,
and is confusing to developers examining the code.

Redefine KVM_REQUEST_MASK to reflect the number of bits that actually
fit inside an unsigned long, and add a comment explaining set_bit and
friends take bit numbers, not a bitmask.

Signed-off-by: Rik van Riel <[email protected]>
---
include/linux/kvm_host.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index 79fa4426509c..d15fb43d7796 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -138,7 +138,8 @@ static inline bool is_error_page(struct page *page)
return IS_ERR(page);
}

-#define KVM_REQUEST_MASK GENMASK(7,0)
+/* Limit the bit numbers for set_bit etc to fit unsigned long vcpu.requests. */
+#define KVM_REQUEST_MASK (BITS_PER_LONG-1)
#define KVM_REQUEST_NO_WAKEUP BIT(8)
#define KVM_REQUEST_WAIT BIT(9)
/*



2019-05-21 18:30:26

by Paolo Bonzini

[permalink] [raw]
Subject: Re: [PATCH] kvm: change KVM_REQUEST_MASK to reflect vcpu.requests size

On 21/05/19 19:22, Rik van Riel wrote:
> The code using KVM_REQUEST_MASK uses a pattern reminiscent of a bitmask:
>
> set_bit(req & KVM_REQUEST_MASK, &vcpu->requests);
>
> However, the first argument passed to set_bit, test_bit, and clear_bit
> is a bit number, not a bitmask. That means the current definition would
> allow users of kvm_make_request to overflow the vcpu.requests bitmask,
> and is confusing to developers examining the code.

This is true, but the meaning of the masking is that bits above 7 define
extra things to do when sending a request (wait for acknowledge, kick
the recipient CPU). The fact that the "request number" field is 8 bits
rather than 5 or 6 is just an implementation detail.

If you change it to BITS_PER_LONG-1, the obvious way to read the code
would be that requests 0, 64, 128 are all valid and map to the same request.

Paolo

> Redefine KVM_REQUEST_MASK to reflect the number of bits that actually
> fit inside an unsigned long, and add a comment explaining set_bit and
> friends take bit numbers, not a bitmask.