From patchwork Fri Feb 16 09:37:57 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: WANG Xuerui X-Patchwork-Id: 13559717 Received: from mailbox.box.xen0n.name (mail.xen0n.name [115.28.160.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 781411BF40; Fri, 16 Feb 2024 09:38:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=115.28.160.31 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708076296; cv=none; b=kQJ6gKTe/p/Zf3suVwapeVIv3BrAiP5ZOtEqZ8p8xsLs07Rpw3UCOlJjI3YcW88EAHMlX7xZcEB79XOBSi81YMHt85Nqp8TXzRPaPMhfRlLk5mW66tUL6Pd8zqqo29PYEwFn59YHIaggS2Q7Tz5QvLfShj6T5rUGnhpR3rmZPvc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708076296; c=relaxed/simple; bh=KEo5ilDJKrGL6duLt4MyGNOdrIywH1ExG4tjw1tnX/4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=kjtFcfe5/+KsClkEFeZ6Xa5p7UaX9PH6Mo53amdmiV6hhiOfqmvDghF5K5XZetctc9A9JeTqWTNqSMz0AimN1Qtlaebm5T50yusHRJSe0a7BIVWuRyD6Be5L8Q//LaO8rjIEKga+Nkxl504gfMX75LZnkBufZtf3iQnsqCpecLU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=xen0n.name; spf=pass smtp.mailfrom=xen0n.name; dkim=pass (1024-bit key) header.d=xen0n.name header.i=@xen0n.name header.b=NQ1/7q7u; arc=none smtp.client-ip=115.28.160.31 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=xen0n.name Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=xen0n.name Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=xen0n.name header.i=@xen0n.name header.b="NQ1/7q7u" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xen0n.name; s=mail; t=1708076291; bh=KEo5ilDJKrGL6duLt4MyGNOdrIywH1ExG4tjw1tnX/4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=NQ1/7q7uSGVHU4We9uGyGdzhLq/3K1/JU3w/6E52uIgPcCumeo6VJCq/QkwmHJviz HBIW1zDjUEFBcjXrXOsFDvwFk7ARQZ8dDH6k9EF2cDuu8h5Z1szne7EiakOVmCtEqg e7XG3oCgOwM8HwQJydv/Vf6rdfv48x3H7ZsYGExc= Received: from ld50.lan (unknown [IPv6:240e:388:8d00:6500:cda4:aa27:b0f6:1748]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mailbox.box.xen0n.name (Postfix) with ESMTPSA id 76E1560114; Fri, 16 Feb 2024 17:38:11 +0800 (CST) From: WANG Xuerui To: Paolo Bonzini , Huacai Chen Cc: Tianrui Zhao , Bibo Mao , kvm@vger.kernel.org, loongarch@lists.linux.dev, linux-kernel@vger.kernel.org, WANG Xuerui Subject: [PATCH RESEND for-6.8 v3 1/3] LoongArch: KVM: Fix input validation of _kvm_get_cpucfg and kvm_check_cpucfg Date: Fri, 16 Feb 2024 17:37:57 +0800 Message-ID: <20240216093759.3038760-2-kernel@xen0n.name> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240216093759.3038760-1-kernel@xen0n.name> References: <20240216093759.3038760-1-kernel@xen0n.name> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: WANG Xuerui The range check for the CPUCFG ID is wrong (should have been a || instead of &&); it is conceptually simpler to just express the check as another case of the switch statement on the ID. As it turns out to be the case, the userland (currently only the QEMU/KVM target code) expects to set CPUCFG IDs 0 to 20 inclusive, but only CPUCFG2 values are being validated. Furthermore, the juggling of the temp return value is unnecessary, because it is semantically equivalent and more readable to just return at every switch case's end. This is done too to avoid potential bugs in the future related to the unwanted complexity. Also, the return value of _kvm_get_cpucfg is meant to be checked, but this was not done, so bad CPUCFG IDs wrongly fall back to the default case and 0 is incorrectly returned; check the return value to fix the UAPI behavior. While at it, also remove the redundant range check in kvm_check_cpucfg, because out-of-range CPUCFG IDs are already rejected by the -EINVAL as returned by _kvm_get_cpucfg. Fixes: db1ecca22edf ("LoongArch: KVM: Add LSX (128bit SIMD) support") Fixes: 118e10cd893d ("LoongArch: KVM: Add LASX (256bit SIMD) support") Signed-off-by: WANG Xuerui --- arch/loongarch/kvm/vcpu.c | 35 ++++++++++++++++------------------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/arch/loongarch/kvm/vcpu.c b/arch/loongarch/kvm/vcpu.c index 27701991886d..124cd7a75061 100644 --- a/arch/loongarch/kvm/vcpu.c +++ b/arch/loongarch/kvm/vcpu.c @@ -300,11 +300,6 @@ static int _kvm_setcsr(struct kvm_vcpu *vcpu, unsigned int id, u64 val) static int _kvm_get_cpucfg(int id, u64 *v) { - int ret = 0; - - if (id < 0 && id >= KVM_MAX_CPUCFG_REGS) - return -EINVAL; - switch (id) { case 2: /* Return CPUCFG2 features which have been supported by KVM */ @@ -324,32 +319,34 @@ static int _kvm_get_cpucfg(int id, u64 *v) if (cpu_has_lasx) *v |= CPUCFG2_LASX; - break; + return 0; + case 0 ... 1: + case 3 ... KVM_MAX_CPUCFG_REGS - 1: + /* no restrictions on other CPUCFG IDs' values */ + *v = U64_MAX; + return 0; default: - ret = -EINVAL; - break; + return -EINVAL; } - return ret; } static int kvm_check_cpucfg(int id, u64 val) { - u64 mask; - int ret = 0; - - if (id < 0 && id >= KVM_MAX_CPUCFG_REGS) - return -EINVAL; + u64 mask = 0; + int ret; - if (_kvm_get_cpucfg(id, &mask)) + ret = _kvm_get_cpucfg(id, &mask); + if (ret) return ret; + if (val & ~mask) + /* Unsupported features should not be set */ + return -EINVAL; + switch (id) { case 2: /* CPUCFG2 features checking */ - if (val & ~mask) - /* The unsupported features should not be set */ - ret = -EINVAL; - else if (!(val & CPUCFG2_LLFTP)) + if (!(val & CPUCFG2_LLFTP)) /* The LLFTP must be set, as guest must has a constant timer */ ret = -EINVAL; else if ((val & CPUCFG2_FP) && (!(val & CPUCFG2_FPSP) || !(val & CPUCFG2_FPDP))) From patchwork Fri Feb 16 09:37:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: WANG Xuerui X-Patchwork-Id: 13559716 Received: from mailbox.box.xen0n.name (mail.xen0n.name [115.28.160.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 47A691BF3F; Fri, 16 Feb 2024 09:38:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=115.28.160.31 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708076296; cv=none; b=NReycuoF8nBtCc8+H6VkOZtg77ePrG1j+x1HFcj1C4DmeuSITBpVBxYCxkWJxqz6tT97lRJMHnRcx/waDvUe/t3BDps/ucqS4mZ1sP6bvqD7kK2uoPzDdwqz9cuQYyxM9wXGI+JSNg2tQmql/Ld4qH5LCHGO8PigXeX6i56Lzlg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708076296; c=relaxed/simple; bh=rEiWf82DA18Wx2w8gv0lu+0/shLFZ5W8HKb5RPqBJ7Q=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=EPsrh67aKfhTgHby7zEz1Z007e8KCug0ArXsgpdmPA3loVc7t6dZRtR7kE6CtwgG8Wst+QPMLIPzmur5qylt9VmFRHdw8fIG5Q1ROm+54A3MpHf0Rm/zQVZo/6e0pUwSNrjQefHuCE64TAIk8Lhgz2X17hB0dZ57+5ddBuWwvyA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=xen0n.name; spf=pass smtp.mailfrom=xen0n.name; dkim=pass (1024-bit key) header.d=xen0n.name header.i=@xen0n.name header.b=pTrLmwBK; arc=none smtp.client-ip=115.28.160.31 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=xen0n.name Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=xen0n.name Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=xen0n.name header.i=@xen0n.name header.b="pTrLmwBK" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xen0n.name; s=mail; t=1708076291; bh=rEiWf82DA18Wx2w8gv0lu+0/shLFZ5W8HKb5RPqBJ7Q=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=pTrLmwBKY5FMRgpMJJ/RZ1TDW9MvxnohZrjBSKIT+aNui7lLW9PmTFV7CQs93mMjX Me1+9Qf7l0KpD+BzrX+11EuiVSnbcL9pNarzKfLvn3yX+y6utgNThy3Yowy4W0L9Js qtcy5HAk8cVmrLOuwG7XpPgStPEs85sYwW4Vr1Io= Received: from ld50.lan (unknown [IPv6:240e:388:8d00:6500:cda4:aa27:b0f6:1748]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mailbox.box.xen0n.name (Postfix) with ESMTPSA id C9BE660187; Fri, 16 Feb 2024 17:38:11 +0800 (CST) From: WANG Xuerui To: Paolo Bonzini , Huacai Chen Cc: Tianrui Zhao , Bibo Mao , kvm@vger.kernel.org, loongarch@lists.linux.dev, linux-kernel@vger.kernel.org, WANG Xuerui Subject: [PATCH RESEND for-6.8 v3 2/3] LoongArch: KVM: Rename _kvm_get_cpucfg to _kvm_get_cpucfg_mask Date: Fri, 16 Feb 2024 17:37:58 +0800 Message-ID: <20240216093759.3038760-3-kernel@xen0n.name> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240216093759.3038760-1-kernel@xen0n.name> References: <20240216093759.3038760-1-kernel@xen0n.name> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: WANG Xuerui The function is not actually a getter of guest CPUCFG, but rather validation of the input CPUCFG ID plus information about the supported bit flags of that CPUCFG leaf. So rename it to avoid confusion. Signed-off-by: WANG Xuerui --- arch/loongarch/kvm/vcpu.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/loongarch/kvm/vcpu.c b/arch/loongarch/kvm/vcpu.c index 124cd7a75061..e5acd4c08071 100644 --- a/arch/loongarch/kvm/vcpu.c +++ b/arch/loongarch/kvm/vcpu.c @@ -298,7 +298,7 @@ static int _kvm_setcsr(struct kvm_vcpu *vcpu, unsigned int id, u64 val) return ret; } -static int _kvm_get_cpucfg(int id, u64 *v) +static int _kvm_get_cpucfg_mask(int id, u64 *v) { switch (id) { case 2: @@ -335,7 +335,7 @@ static int kvm_check_cpucfg(int id, u64 val) u64 mask = 0; int ret; - ret = _kvm_get_cpucfg(id, &mask); + ret = _kvm_get_cpucfg_mask(id, &mask); if (ret) return ret; @@ -563,7 +563,7 @@ static int kvm_loongarch_get_cpucfg_attr(struct kvm_vcpu *vcpu, uint64_t val; uint64_t __user *uaddr = (uint64_t __user *)attr->addr; - ret = _kvm_get_cpucfg(attr->attr, &val); + ret = _kvm_get_cpucfg_mask(attr->attr, &val); if (ret) return ret; From patchwork Fri Feb 16 09:37:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: WANG Xuerui X-Patchwork-Id: 13559718 Received: from mailbox.box.xen0n.name (mail.xen0n.name [115.28.160.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 805951BF47; Fri, 16 Feb 2024 09:38:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=115.28.160.31 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708076298; cv=none; b=Ubm4k+EfiTcwstoZWh13wAQ63DZ+z1/ANNMQfZPB8kHTih1X/usC6xSzqKIz80zYl3npsl8yyOizlxQFjkdDc3Q4ehL+FXTGpxgl6iKAGmEB5m+BWPHRjufiRZisE9l0WGl4OBnC97QLOck3Xsvf1X9rMIOuh2KjfSkcMOeF/WY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708076298; c=relaxed/simple; bh=2gDw0o66DflpWYG/Gy8TCph2SB91NzGgN6Z10TivAUU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bSj2IoCC5Z8/v2unUAO3j3MdEF1teaZw7vvqTRcMU8KU2k6TayUWn5uMFJ48UPU614q1LRj16V0Y/8zOprtdAQeJ8RLFaY73QOSC9zejw0Dt1bWcHG/tzEsVwONhQytrguLba2MCrB1DIPrnAaF3CgMRDZTeI+i+DCD4ty2rQb4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=xen0n.name; spf=pass smtp.mailfrom=xen0n.name; dkim=pass (1024-bit key) header.d=xen0n.name header.i=@xen0n.name header.b=Ulvq/xe6; arc=none smtp.client-ip=115.28.160.31 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=xen0n.name Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=xen0n.name Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=xen0n.name header.i=@xen0n.name header.b="Ulvq/xe6" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xen0n.name; s=mail; t=1708076292; bh=2gDw0o66DflpWYG/Gy8TCph2SB91NzGgN6Z10TivAUU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Ulvq/xe6cFTI8BwAFq0qNG5RRJDH/Y5KfG0hNR+0SLrn7PeldaNl13frJGtctTvxa 4abex99Is7H4g0WLJHBr7sO2yztEjCnTxSTTWCJWuRiC2Hmeuk3QL5eAju+X7vqhcE Oe03bg/ZhJUVxnEmXcqf8lksMfnmNCfeJdWG7T/Q= Received: from ld50.lan (unknown [IPv6:240e:388:8d00:6500:cda4:aa27:b0f6:1748]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mailbox.box.xen0n.name (Postfix) with ESMTPSA id 9404E601C2; Fri, 16 Feb 2024 17:38:12 +0800 (CST) From: WANG Xuerui To: Paolo Bonzini , Huacai Chen Cc: Tianrui Zhao , Bibo Mao , kvm@vger.kernel.org, loongarch@lists.linux.dev, linux-kernel@vger.kernel.org, WANG Xuerui Subject: [PATCH RESEND for-6.8 v3 3/3] LoongArch: KVM: Streamline kvm_check_cpucfg and improve comments Date: Fri, 16 Feb 2024 17:37:59 +0800 Message-ID: <20240216093759.3038760-4-kernel@xen0n.name> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240216093759.3038760-1-kernel@xen0n.name> References: <20240216093759.3038760-1-kernel@xen0n.name> Precedence: bulk X-Mailing-List: kvm@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: WANG Xuerui All the checks currently done in kvm_check_cpucfg can be realized with early returns, so just do that to avoid extra cognitive burden related to the return value handling. While at it, clean up comments of _kvm_get_cpucfg_mask and kvm_check_cpucfg, by removing comments that are merely restatement of the code nearby, and paraphrasing the rest so they read more natural for English speakers (that likely are not familiar with the actual Chinese-influenced grammar). No functional changes intended. Signed-off-by: WANG Xuerui --- arch/loongarch/kvm/vcpu.c | 42 +++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/arch/loongarch/kvm/vcpu.c b/arch/loongarch/kvm/vcpu.c index e5acd4c08071..a241db6d77a6 100644 --- a/arch/loongarch/kvm/vcpu.c +++ b/arch/loongarch/kvm/vcpu.c @@ -302,20 +302,16 @@ static int _kvm_get_cpucfg_mask(int id, u64 *v) { switch (id) { case 2: - /* Return CPUCFG2 features which have been supported by KVM */ + /* CPUCFG2 features unconditionally supported by KVM */ *v = CPUCFG2_FP | CPUCFG2_FPSP | CPUCFG2_FPDP | CPUCFG2_FPVERS | CPUCFG2_LLFTP | CPUCFG2_LLFTPREV | CPUCFG2_LAM; /* - * If LSX is supported by CPU, it is also supported by KVM, - * as we implement it. + * For the ISA extensions listed below, if one is supported + * by the host, then it is also supported by KVM. */ if (cpu_has_lsx) *v |= CPUCFG2_LSX; - /* - * if LASX is supported by CPU, it is also supported by KVM, - * as we implement it. - */ if (cpu_has_lasx) *v |= CPUCFG2_LASX; @@ -345,24 +341,26 @@ static int kvm_check_cpucfg(int id, u64 val) switch (id) { case 2: - /* CPUCFG2 features checking */ if (!(val & CPUCFG2_LLFTP)) - /* The LLFTP must be set, as guest must has a constant timer */ - ret = -EINVAL; - else if ((val & CPUCFG2_FP) && (!(val & CPUCFG2_FPSP) || !(val & CPUCFG2_FPDP))) - /* Single and double float point must both be set when enable FP */ - ret = -EINVAL; - else if ((val & CPUCFG2_LSX) && !(val & CPUCFG2_FP)) - /* FP should be set when enable LSX */ - ret = -EINVAL; - else if ((val & CPUCFG2_LASX) && !(val & CPUCFG2_LSX)) - /* LSX, FP should be set when enable LASX, and FP has been checked before. */ - ret = -EINVAL; - break; + /* Guests must have a constant timer */ + return -EINVAL; + if ((val & CPUCFG2_FP) && (!(val & CPUCFG2_FPSP) || !(val & CPUCFG2_FPDP))) + /* Single and double float point must both be set when FP is enabled */ + return -EINVAL; + if ((val & CPUCFG2_LSX) && !(val & CPUCFG2_FP)) + /* LSX architecturally implies FP but val does not satisfy that */ + return -EINVAL; + if ((val & CPUCFG2_LASX) && !(val & CPUCFG2_LSX)) + /* LASX architecturally implies LSX and FP but val does not satisfy that */ + return -EINVAL; + return 0; default: - break; + /* + * Values for the other CPUCFG IDs are not being further validated + * besides the mask check above. + */ + return 0; } - return ret; } static int kvm_get_one_reg(struct kvm_vcpu *vcpu,