Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp1149424rwi; Mon, 10 Oct 2022 11:56:16 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4qFEFFQGs7hmyNW6hyO7pV4fmOc3BcusG/SOy8Xt1rjZtTTDPT4Ik3OceaSSEGc7PSFIrQ X-Received: by 2002:a17:907:2cf1:b0:78d:cafc:caba with SMTP id hz17-20020a1709072cf100b0078dcafccabamr2876820ejc.154.1665428176616; Mon, 10 Oct 2022 11:56:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1665428176; cv=none; d=google.com; s=arc-20160816; b=PHAEf7VAW3zfI+qfzD+hrEHl3UhuwOzcPTD5YvfsT9msc9uUfyIZYvHzyQi86QVxyA rM3ef1O737U+IVpw2ysUoWXHJe2sElxVgKcIq/eu/AEoGtkWQ6EU2TVp+TxftyzbzDWv epQuEJC1fpg+rVVjZPvca7HM4OiXHHr3fbPvZxIZeKuPKE8nsXzdbzEly4I3IxPAl3KB lYJ8ujJVFLUszhtPS6nGGtslMT3NMLP9/Q0mfRUrVSwmHlZXgTkgIagPkgYeNnFKWrnU ZtKWzjmMM8ZGi6AkeKRbwgY+dnq1kHXsJeeeC9T3wgjgZEvgXUzO3VOaQt1uAt8IIWL6 EMoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=wS9XNmL9PTvlp9VISpiDKDxyfVk83qtMmZiT+IPGHIg=; b=LE162hCDWAtdzvSXTuIhP01UyoYxWyv+VMTSq3STIC9ZmF480tE7RRBNKP4+OWyuxt upDydjRdepr8DKj+x+g811lsDKi5vfElJzD0SGT5MmKh43xYpyPSMav606PSqUhlJnbN j+sHq7pafXebcqxx567Yf+7tlpyLZFjreT2PY60xvhX/1D+AzQ+qdL/e5M9cVaaDmZ/J ciXPx93x+BYZmoA2W3H0ASd2lcKWCGDlvFazZL9srTjaMWSVqKWuA7PjUJwbCRNAuA2N SRAai4nLkC5NnGLw/jZ7jygKG/Ce3ltIqRaTBKtonA/5KvPlbdIoL4ZQEVZISWNZVz0H GEng== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=JxKohsaU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id go12-20020a1709070d8c00b0078c65d3a2a9si12911087ejc.859.2022.10.10.11.55.50; Mon, 10 Oct 2022 11:56:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=JxKohsaU; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229757AbiJJSkJ (ORCPT + 99 others); Mon, 10 Oct 2022 14:40:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36138 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229490AbiJJSkG (ORCPT ); Mon, 10 Oct 2022 14:40:06 -0400 Received: from mail-pf1-x435.google.com (mail-pf1-x435.google.com [IPv6:2607:f8b0:4864:20::435]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C3F1811457 for ; Mon, 10 Oct 2022 11:40:03 -0700 (PDT) Received: by mail-pf1-x435.google.com with SMTP id i6so11496557pfb.2 for ; Mon, 10 Oct 2022 11:40:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=wS9XNmL9PTvlp9VISpiDKDxyfVk83qtMmZiT+IPGHIg=; b=JxKohsaUtCTHITn6Y1acxAvmnClFADK4dR5OZ7ZyXuykcvKRbmQFQ/1TH6IoylwOGe uKI0p0MKNau02ZcSN9efCZi2tAc5xOkmAiAaSd5DCGuMfyiYlRM6qa1kz2PQWW55eplG TdZXiM22oNth5hg9jKBp0jIP6owdSRtRrQdWM8WnIKp7jV02OMFW2DnK0xQINgqGIfPi 8JTNYOTb16oBISqekFaQ4vtwDFv5q1TlYml5doodUhXld8RAlLwlGuw4ozoRQdc5ehcy M9Jpnn2KIT3b7XH+o4RcuaZgPd2tHbC0me9GvctljTqq3iozugubkiY1g3PR9WU9OlAM Glew== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=wS9XNmL9PTvlp9VISpiDKDxyfVk83qtMmZiT+IPGHIg=; b=Fr5JrrqLAbNPqM8ZwcKAbcF1lEh6s2Nca2l4k/gMd84QZ/7crSV0XuS32mAQuwb1MV 6YEATEplejisdEtDxAasnktvUHN094VXdghUH2uyNIeOLF43YldGz1qWi9IOqADIF2QF IWxWPfw2PMTBiMXDhejtwl3roxyGrB6e7jXu36SKpffoPP5Iu9kwl0vCVGaNcQLr2VPo lt/lhiijuLTNokk+TrbwF+sSEa4bLR+Bs2J8TTOn3VS8ijBZllJs7rckrkE5r3kBku2q 33UZSbAz3u8UT79IeFvlvaBub8DjZASdhvPeNSkwGTDA02xOSCP0VRHmywKxCP9QU6Yh U8qw== X-Gm-Message-State: ACrzQf3hCCu7MR+wR5dIshHMVAAGC6QBLu+8mvLUoDKRvdgjADm1W9H9 PijrLsGawvy7tim4yX/qg1kFMA== X-Received: by 2002:a65:62c7:0:b0:463:9c67:5fe2 with SMTP id m7-20020a6562c7000000b004639c675fe2mr2368898pgv.443.1665427202557; Mon, 10 Oct 2022 11:40:02 -0700 (PDT) Received: from google.com (7.104.168.34.bc.googleusercontent.com. [34.168.104.7]) by smtp.gmail.com with ESMTPSA id p13-20020aa79e8d000000b005627470944dsm7248057pfq.189.2022.10.10.11.40.01 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 10 Oct 2022 11:40:01 -0700 (PDT) Date: Mon, 10 Oct 2022 18:39:57 +0000 From: Sean Christopherson To: Dan Carpenter Cc: kbuild@lists.01.org, Oliver Upton , lkp@intel.com, kbuild-all@lists.01.org, linux-kernel@vger.kernel.org, Paolo Bonzini Subject: Re: [kbuild] arch/x86/kvm/x86.c:4988 kvm_arch_tsc_set_attr() warn: check for integer overflow 'offset' Message-ID: References: <202210102159.8nYEC0Hl-lkp@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <202210102159.8nYEC0Hl-lkp@intel.com> X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Oct 10, 2022, Dan Carpenter wrote: > tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master > head: 493ffd6605b2d3d4dc7008ab927dba319f36671f > commit: 828ca89628bfcb1b8f27535025f69dd00eb55207 KVM: x86: Expose TSC offset controls to userspace > config: x86_64-randconfig-m001-20221010 > compiler: gcc-11 (Debian 11.3.0-5) 11.3.0 > > If you fix the issue, kindly add following tag where applicable > | Reported-by: kernel test robot > | Reported-by: Dan Carpenter > > smatch warnings: > arch/x86/kvm/x86.c:4988 kvm_arch_tsc_set_attr() warn: check for integer overflow 'offset' > > vim +/offset +4988 arch/x86/kvm/x86.c > > 828ca89628bfcb Oliver Upton 2021-09-16 4962 static int kvm_arch_tsc_set_attr(struct kvm_vcpu *vcpu, > 828ca89628bfcb Oliver Upton 2021-09-16 4963 struct kvm_device_attr *attr) > 828ca89628bfcb Oliver Upton 2021-09-16 4964 { > 828ca89628bfcb Oliver Upton 2021-09-16 4965 u64 __user *uaddr = (u64 __user *)(unsigned long)attr->addr; > 828ca89628bfcb Oliver Upton 2021-09-16 4966 struct kvm *kvm = vcpu->kvm; > 828ca89628bfcb Oliver Upton 2021-09-16 4967 int r; > 828ca89628bfcb Oliver Upton 2021-09-16 4968 > 828ca89628bfcb Oliver Upton 2021-09-16 4969 if ((u64)(unsigned long)uaddr != attr->addr) > 828ca89628bfcb Oliver Upton 2021-09-16 4970 return -EFAULT; > 828ca89628bfcb Oliver Upton 2021-09-16 4971 > 828ca89628bfcb Oliver Upton 2021-09-16 4972 switch (attr->attr) { > 828ca89628bfcb Oliver Upton 2021-09-16 4973 case KVM_VCPU_TSC_OFFSET: { > 828ca89628bfcb Oliver Upton 2021-09-16 4974 u64 offset, tsc, ns; > 828ca89628bfcb Oliver Upton 2021-09-16 4975 unsigned long flags; > 828ca89628bfcb Oliver Upton 2021-09-16 4976 bool matched; > 828ca89628bfcb Oliver Upton 2021-09-16 4977 > 828ca89628bfcb Oliver Upton 2021-09-16 4978 r = -EFAULT; > 828ca89628bfcb Oliver Upton 2021-09-16 4979 if (get_user(offset, uaddr)) > 828ca89628bfcb Oliver Upton 2021-09-16 4980 break; > 828ca89628bfcb Oliver Upton 2021-09-16 4981 > 828ca89628bfcb Oliver Upton 2021-09-16 4982 raw_spin_lock_irqsave(&kvm->arch.tsc_write_lock, flags); > 828ca89628bfcb Oliver Upton 2021-09-16 4983 > 828ca89628bfcb Oliver Upton 2021-09-16 4984 matched = (vcpu->arch.virtual_tsc_khz && > 828ca89628bfcb Oliver Upton 2021-09-16 4985 kvm->arch.last_tsc_khz == vcpu->arch.virtual_tsc_khz && > 828ca89628bfcb Oliver Upton 2021-09-16 4986 kvm->arch.last_tsc_offset == offset); > 828ca89628bfcb Oliver Upton 2021-09-16 4987 > 828ca89628bfcb Oliver Upton 2021-09-16 @4988 tsc = kvm_scale_tsc(vcpu, rdtsc(), vcpu->arch.l1_tsc_scaling_ratio) + offset; > > Smatch hates obvious user triggerable integer overflows... No checking > on offset. This is ok, and even necessary, e.g. if the host TSC > guest TSC. Is there anything we can do in KVM to help Smatch avoid false positives? Or do you/Smatch already maintain a list of known false positives?