lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <201806161143.AVrY9pr4%fengguang.wu@intel.com>
Date:   Sat, 16 Jun 2018 11:39:09 +0800
From:   kbuild test robot <lkp@...el.com>
To:     Matthias Kaehlcke <mka@...omium.org>
Cc:     kbuild-all@...org, Paolo Bonzini <pbonzini@...hat.com>,
        Radim Krčmář <rkrcmar@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        "H . Peter Anvin" <hpa@...or.com>, x86@...nel.org,
        kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Matthias Kaehlcke <mka@...omium.org>
Subject: Re: [PATCH] kvm: x86: mmu: Add cast to negated bitmasks in
 update_permission_bitmask()

Hi Matthias,

Thank you for the patch! Perhaps something to improve:

[auto build test WARNING on kvm/linux-next]
[also build test WARNING on v4.17 next-20180615]
[if your patch is applied to the wrong git tree, please drop us a note to help improve the system]

url:    https://github.com/0day-ci/linux/commits/Matthias-Kaehlcke/kvm-x86-mmu-Add-cast-to-negated-bitmasks-in-update_permission_bitmask/20180616-015357
base:   https://git.kernel.org/pub/scm/virt/kvm/kvm.git linux-next
reproduce:
        # apt-get install sparse
        make ARCH=x86_64 allmodconfig
        make C=1 CF=-D__CHECK_ENDIAN__


sparse warnings: (new ones prefixed by >>)

   include/linux/seq_buf.h:71:16: sparse: expression using sizeof(void)
   include/linux/seq_buf.h:71:16: sparse: expression using sizeof(void)
   include/linux/seq_buf.h:71:16: sparse: expression using sizeof(void)
   include/linux/seq_buf.h:71:16: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:1123:21: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:1123:21: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:1769:37: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:1769:37: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:1770:35: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:1770:35: sparse: expression using sizeof(void)
   arch/x86/kvm/paging_tmpl.h:788:33: sparse: expression using sizeof(void)
   arch/x86/kvm/paging_tmpl.h:788:33: sparse: expression using sizeof(void)
   arch/x86/kvm/paging_tmpl.h:788:33: sparse: expression using sizeof(void)
   arch/x86/kvm/paging_tmpl.h:788:33: sparse: expression using sizeof(void)
   arch/x86/kvm/paging_tmpl.h:788:33: sparse: expression using sizeof(void)
   arch/x86/kvm/paging_tmpl.h:788:33: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:5168:33: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:5168:33: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:5169:31: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:5169:31: sparse: expression using sizeof(void)
   arch/x86/kvm/mmu.c:5548:24: sparse: expression using sizeof(void)
>> arch/x86/kvm/mmu.c:4280:57: sparse: cast truncates bits from constant value (ffffff33 becomes 33)
>> arch/x86/kvm/mmu.c:4282:56: sparse: cast truncates bits from constant value (ffffff0f becomes f)
>> arch/x86/kvm/mmu.c:4284:57: sparse: cast truncates bits from constant value (ffffff55 becomes 55)

vim +4280 arch/x86/kvm/mmu.c

  4247	
  4248	#define BYTE_MASK(access) \
  4249		((1 & (access) ? 2 : 0) | \
  4250		 (2 & (access) ? 4 : 0) | \
  4251		 (3 & (access) ? 8 : 0) | \
  4252		 (4 & (access) ? 16 : 0) | \
  4253		 (5 & (access) ? 32 : 0) | \
  4254		 (6 & (access) ? 64 : 0) | \
  4255		 (7 & (access) ? 128 : 0))
  4256	
  4257	
  4258	static void update_permission_bitmask(struct kvm_vcpu *vcpu,
  4259					      struct kvm_mmu *mmu, bool ept)
  4260	{
  4261		unsigned byte;
  4262	
  4263		const u8 x = BYTE_MASK(ACC_EXEC_MASK);
  4264		const u8 w = BYTE_MASK(ACC_WRITE_MASK);
  4265		const u8 u = BYTE_MASK(ACC_USER_MASK);
  4266	
  4267		bool cr4_smep = kvm_read_cr4_bits(vcpu, X86_CR4_SMEP) != 0;
  4268		bool cr4_smap = kvm_read_cr4_bits(vcpu, X86_CR4_SMAP) != 0;
  4269		bool cr0_wp = is_write_protection(vcpu);
  4270	
  4271		for (byte = 0; byte < ARRAY_SIZE(mmu->permissions); ++byte) {
  4272			unsigned pfec = byte << 1;
  4273	
  4274			/*
  4275			 * Each "*f" variable has a 1 bit for each UWX value
  4276			 * that causes a fault with the given PFEC.
  4277			 */
  4278	
  4279			/* Faults from writes to non-writable pages */
> 4280			u8 wf = (pfec & PFERR_WRITE_MASK) ? (u8)~w : 0;
  4281			/* Faults from user mode accesses to supervisor pages */
> 4282			u8 uf = (pfec & PFERR_USER_MASK) ? (u8)~u : 0;
  4283			/* Faults from fetches of non-executable pages*/
> 4284			u8 ff = (pfec & PFERR_FETCH_MASK) ? (u8)~x : 0;
  4285			/* Faults from kernel mode fetches of user pages */
  4286			u8 smepf = 0;
  4287			/* Faults from kernel mode accesses of user pages */
  4288			u8 smapf = 0;
  4289	
  4290			if (!ept) {
  4291				/* Faults from kernel mode accesses to user pages */
  4292				u8 kf = (pfec & PFERR_USER_MASK) ? 0 : u;
  4293	
  4294				/* Not really needed: !nx will cause pte.nx to fault */
  4295				if (!mmu->nx)
  4296					ff = 0;
  4297	
  4298				/* Allow supervisor writes if !cr0.wp */
  4299				if (!cr0_wp)
  4300					wf = (pfec & PFERR_USER_MASK) ? wf : 0;
  4301	
  4302				/* Disallow supervisor fetches of user code if cr4.smep */
  4303				if (cr4_smep)
  4304					smepf = (pfec & PFERR_FETCH_MASK) ? kf : 0;
  4305	
  4306				/*
  4307				 * SMAP:kernel-mode data accesses from user-mode
  4308				 * mappings should fault. A fault is considered
  4309				 * as a SMAP violation if all of the following
  4310				 * conditions are ture:
  4311				 *   - X86_CR4_SMAP is set in CR4
  4312				 *   - A user page is accessed
  4313				 *   - The access is not a fetch
  4314				 *   - Page fault in kernel mode
  4315				 *   - if CPL = 3 or X86_EFLAGS_AC is clear
  4316				 *
  4317				 * Here, we cover the first three conditions.
  4318				 * The fourth is computed dynamically in permission_fault();
  4319				 * PFERR_RSVD_MASK bit will be set in PFEC if the access is
  4320				 * *not* subject to SMAP restrictions.
  4321				 */
  4322				if (cr4_smap)
  4323					smapf = (pfec & (PFERR_RSVD_MASK|PFERR_FETCH_MASK)) ? 0 : kf;
  4324			}
  4325	
  4326			mmu->permissions[byte] = ff | uf | wf | smepf | smapf;
  4327		}
  4328	}
  4329	

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ