lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <202102280402.c6iev2Xp-lkp@intel.com>
Date:   Sun, 28 Feb 2021 04:25:13 +0800
From:   kernel test robot <lkp@...el.com>
To:     Peter Xu <peterx@...hat.com>
Cc:     kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org,
        Paolo Bonzini <pbonzini@...hat.com>,
        Sean Christopherson <sean.j.christopherson@...el.com>
Subject: arch/x86/kvm/x86.c:10408:32: sparse: sparse: Using plain integer as
 NULL pointer

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   5695e51619745d4fe3ec2506a2f0cd982c5e27a4
commit: ff5a983cbb3746d371de2cc95ea7dcfd982b4084 KVM: X86: Don't track dirty for KVM_SET_[TSS_ADDR|IDENTITY_MAP_ADDR]
date:   3 months ago
config: x86_64-randconfig-s022-20210228 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce:
        # apt-get install sparse
        # sparse version: v0.6.3-241-geaceeafa-dirty
        # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff5a983cbb3746d371de2cc95ea7dcfd982b4084
        git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
        git fetch --no-tags linus master
        git checkout ff5a983cbb3746d371de2cc95ea7dcfd982b4084
        # save the attached .config to linux build tree
        make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=x86_64 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>


"sparse warnings: (new ones prefixed by >>)"
   arch/x86/kvm/x86.c:2859:38: sparse: sparse: incorrect type in argument 1 (different address spaces) @@     expected void const [noderef] __user * @@     got unsigned char [usertype] * @@
   arch/x86/kvm/x86.c:2859:38: sparse:     expected void const [noderef] __user *
   arch/x86/kvm/x86.c:2859:38: sparse:     got unsigned char [usertype] *
   arch/x86/kvm/x86.c:8058:15: sparse: sparse: incompatible types in comparison expression (different address spaces):
   arch/x86/kvm/x86.c:8058:15: sparse:    struct kvm_apic_map [noderef] __rcu *
   arch/x86/kvm/x86.c:8058:15: sparse:    struct kvm_apic_map *
>> arch/x86/kvm/x86.c:10408:32: sparse: sparse: Using plain integer as NULL pointer
   arch/x86/kvm/x86.c:10464:16: sparse: sparse: incompatible types in comparison expression (different address spaces):
   arch/x86/kvm/x86.c:10464:16: sparse:    struct kvm_apic_map [noderef] __rcu *
   arch/x86/kvm/x86.c:10464:16: sparse:    struct kvm_apic_map *
   arch/x86/kvm/x86.c:10465:15: sparse: sparse: incompatible types in comparison expression (different address spaces):
   arch/x86/kvm/x86.c:10465:15: sparse:    struct kvm_pmu_event_filter [noderef] __rcu *
   arch/x86/kvm/x86.c:10465:15: sparse:    struct kvm_pmu_event_filter *
   arch/x86/kvm/x86.c: note: in included file (through include/linux/notifier.h, include/linux/memory_hotplug.h, include/linux/mmzone.h, ...):
   include/linux/srcu.h:179:9: sparse: sparse: context imbalance in 'vcpu_enter_guest' - unexpected unlock

vim +10408 arch/x86/kvm/x86.c

ff5a983cbb3746 Peter Xu            2020-09-30  10358  
ff5a983cbb3746 Peter Xu            2020-09-30  10359  /**
ff5a983cbb3746 Peter Xu            2020-09-30  10360   * __x86_set_memory_region: Setup KVM internal memory slot
ff5a983cbb3746 Peter Xu            2020-09-30  10361   *
ff5a983cbb3746 Peter Xu            2020-09-30  10362   * @kvm: the kvm pointer to the VM.
ff5a983cbb3746 Peter Xu            2020-09-30  10363   * @id: the slot ID to setup.
ff5a983cbb3746 Peter Xu            2020-09-30  10364   * @gpa: the GPA to install the slot (unused when @size == 0).
ff5a983cbb3746 Peter Xu            2020-09-30  10365   * @size: the size of the slot. Set to zero to uninstall a slot.
ff5a983cbb3746 Peter Xu            2020-09-30  10366   *
ff5a983cbb3746 Peter Xu            2020-09-30  10367   * This function helps to setup a KVM internal memory slot.  Specify
ff5a983cbb3746 Peter Xu            2020-09-30  10368   * @size > 0 to install a new slot, while @size == 0 to uninstall a
ff5a983cbb3746 Peter Xu            2020-09-30  10369   * slot.  The return code can be one of the following:
ff5a983cbb3746 Peter Xu            2020-09-30  10370   *
ff5a983cbb3746 Peter Xu            2020-09-30  10371   *   HVA:           on success (uninstall will return a bogus HVA)
ff5a983cbb3746 Peter Xu            2020-09-30  10372   *   -errno:        on error
ff5a983cbb3746 Peter Xu            2020-09-30  10373   *
ff5a983cbb3746 Peter Xu            2020-09-30  10374   * The caller should always use IS_ERR() to check the return value
ff5a983cbb3746 Peter Xu            2020-09-30  10375   * before use.  Note, the KVM internal memory slots are guaranteed to
ff5a983cbb3746 Peter Xu            2020-09-30  10376   * remain valid and unchanged until the VM is destroyed, i.e., the
ff5a983cbb3746 Peter Xu            2020-09-30  10377   * GPA->HVA translation will not change.  However, the HVA is a user
ff5a983cbb3746 Peter Xu            2020-09-30  10378   * address, i.e. its accessibility is not guaranteed, and must be
ff5a983cbb3746 Peter Xu            2020-09-30  10379   * accessed via __copy_{to,from}_user().
ff5a983cbb3746 Peter Xu            2020-09-30  10380   */
ff5a983cbb3746 Peter Xu            2020-09-30  10381  void __user * __x86_set_memory_region(struct kvm *kvm, int id, gpa_t gpa,
ff5a983cbb3746 Peter Xu            2020-09-30  10382  				      u32 size)
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10383  {
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10384  	int i, r;
3f649ab728cda8 Kees Cook           2020-06-03  10385  	unsigned long hva, old_npages;
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10386  	struct kvm_memslots *slots = kvm_memslots(kvm);
0577d1abe704c3 Sean Christopherson 2020-02-18  10387  	struct kvm_memory_slot *slot;
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10388  
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10389  	/* Called with kvm->slots_lock held.  */
1d8007bdee074f Paolo Bonzini       2015-10-12  10390  	if (WARN_ON(id >= KVM_MEM_SLOTS_NUM))
ff5a983cbb3746 Peter Xu            2020-09-30  10391  		return ERR_PTR_USR(-EINVAL);
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10392  
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10393  	slot = id_to_memslot(slots, id);
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10394  	if (size) {
0577d1abe704c3 Sean Christopherson 2020-02-18  10395  		if (slot && slot->npages)
ff5a983cbb3746 Peter Xu            2020-09-30  10396  			return ERR_PTR_USR(-EEXIST);
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10397  
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10398  		/*
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10399  		 * MAP_SHARED to prevent internal slot pages from being moved
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10400  		 * by fork()/COW.
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10401  		 */
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10402  		hva = vm_mmap(NULL, 0, size, PROT_READ | PROT_WRITE,
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10403  			      MAP_SHARED | MAP_ANONYMOUS, 0);
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10404  		if (IS_ERR((void *)hva))
ff5a983cbb3746 Peter Xu            2020-09-30  10405  			return (void __user *)hva;
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10406  	} else {
0577d1abe704c3 Sean Christopherson 2020-02-18  10407  		if (!slot || !slot->npages)
f0d648bdf0a5bb Paolo Bonzini       2015-10-12 @10408  			return 0;
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10409  
0577d1abe704c3 Sean Christopherson 2020-02-18  10410  		old_npages = slot->npages;
e0135a104c52cc Paolo Bonzini       2020-06-11  10411  		hva = 0;
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10412  	}
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10413  
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10414  	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) {
1d8007bdee074f Paolo Bonzini       2015-10-12  10415  		struct kvm_userspace_memory_region m;
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10416  
1d8007bdee074f Paolo Bonzini       2015-10-12  10417  		m.slot = id | (i << 16);
1d8007bdee074f Paolo Bonzini       2015-10-12  10418  		m.flags = 0;
1d8007bdee074f Paolo Bonzini       2015-10-12  10419  		m.guest_phys_addr = gpa;
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10420  		m.userspace_addr = hva;
1d8007bdee074f Paolo Bonzini       2015-10-12  10421  		m.memory_size = size;
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10422  		r = __kvm_set_memory_region(kvm, &m);
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10423  		if (r < 0)
ff5a983cbb3746 Peter Xu            2020-09-30  10424  			return ERR_PTR_USR(r);
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10425  	}
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10426  
103c763c72dd2d Eric Biggers        2018-01-31  10427  	if (!size)
0577d1abe704c3 Sean Christopherson 2020-02-18  10428  		vm_munmap(hva, old_npages * PAGE_SIZE);
f0d648bdf0a5bb Paolo Bonzini       2015-10-12  10429  
ff5a983cbb3746 Peter Xu            2020-09-30  10430  	return (void __user *)hva;
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10431  }
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10432  EXPORT_SYMBOL_GPL(__x86_set_memory_region);
9da0e4d5ac9699 Paolo Bonzini       2015-05-18  10433  

:::::: The code at line 10408 was first introduced by commit
:::::: f0d648bdf0a5bbc91da6099d5282f77996558ea4 KVM: x86: map/unmap private slots in __x86_set_memory_region

:::::: TO: Paolo Bonzini <pbonzini@...hat.com>
:::::: CC: Paolo Bonzini <pbonzini@...hat.com>

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

Download attachment ".config.gz" of type "application/gzip" (35995 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ