[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PULL 04/11] i386: expand Hyper-V features during CPU feature expans
|
From: |
Vitaly Kuznetsov |
|
Subject: |
Re: [PULL 04/11] i386: expand Hyper-V features during CPU feature expansion time |
|
Date: |
Fri, 16 Jul 2021 11:07:06 +0200 |
Peter Maydell <peter.maydell@linaro.org> writes:
> On Tue, 13 Jul 2021 at 17:19, Eduardo Habkost <ehabkost@redhat.com> wrote:
>>
>> From: Vitaly Kuznetsov <vkuznets@redhat.com>
>>
>> To make Hyper-V features appear in e.g. QMP query-cpu-model-expansion we
>> need to expand and set the corresponding CPUID leaves early. Modify
>> x86_cpu_get_supported_feature_word() to call newly intoduced Hyper-V
>> specific kvm_hv_get_supported_cpuid() instead of
>> kvm_arch_get_supported_cpuid(). We can't use kvm_arch_get_supported_cpuid()
>> as Hyper-V specific CPUID leaves intersect with KVM's.
>>
>> Note, early expansion will only happen when KVM supports system wide
>> KVM_GET_SUPPORTED_HV_CPUID ioctl (KVM_CAP_SYS_HYPERV_CPUID).
>>
>> Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
>> Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
>> Message-Id: <20210608120817.1325125-6-vkuznets@redhat.com>
>> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
>
> Hi; Coverity reports an issue in this code (CID 1458243):
>
>> -static bool hyperv_expand_features(CPUState *cs, Error **errp)
>> +bool kvm_hyperv_expand_features(X86CPU *cpu, Error **errp)
>> {
>> - X86CPU *cpu = X86_CPU(cs);
>> + CPUState *cs = CPU(cpu);
>>
>> if (!hyperv_enabled(cpu))
>> return true;
>>
>> + /*
>> + * When kvm_hyperv_expand_features is called at CPU feature expansion
>> + * time per-CPU kvm_state is not available yet so we can only proceed
>> + * when KVM_CAP_SYS_HYPERV_CPUID is supported.
>> + */
>> + if (!cs->kvm_state &&
>> + !kvm_check_extension(kvm_state, KVM_CAP_SYS_HYPERV_CPUID))
>> + return true;
>
> Here we check whether cs->kvm_state is NULL, but even if it is
> NULL we can still continue execution further through the function.
>
> Later in the function we call hv_cpuid_get_host(), which in turn
> can call get_supported_hv_cpuid_legacy(), which can dereference
> cs->kvm_state without checking it.
get_supported_hv_cpuid_legacy() is only called when KVM_CAP_HYPERV_CPUID
is not supported and this is not possible with
KVM_CAP_SYS_HYPERV_CPUID. Coverity, of course, can't know that.
>
> So either the check on cs->kvm_state above is unnecessary, or we
> need to handle it being NULL in some way other than falling through.
It seems an assert(cs) before calling get_supported_hv_cpuid_legacy()
(with a proper comment) should do the job.
>
> Side note: this change isn't in line with our coding style, which
> requires braces around the body of the if().
My bad, will fix.
--
Vitaly
- [PULL 00/11] x86 queue, 2021-07-13, Eduardo Habkost, 2021/07/13
- [PULL 03/11] i386: make hyperv_expand_features() return bool, Eduardo Habkost, 2021/07/13
- [PULL 04/11] i386: expand Hyper-V features during CPU feature expansion time, Eduardo Habkost, 2021/07/13
- [PULL 05/11] i386: kill off hv_cpuid_check_and_set(), Eduardo Habkost, 2021/07/13
- [PULL 01/11] i386: clarify 'hv-passthrough' behavior, Eduardo Habkost, 2021/07/13
- [PULL 06/11] i386: HV_HYPERCALL_AVAILABLE privilege bit is always needed, Eduardo Habkost, 2021/07/13
- [PULL 07/11] i386: Hyper-V SynIC requires POST_MESSAGES/SIGNAL_EVENTS privileges, Eduardo Habkost, 2021/07/13
- [PULL 10/11] numa: Report expected initiator, Eduardo Habkost, 2021/07/13
- [PULL 11/11] numa: Parse initiator= attribute before cpus= attribute, Eduardo Habkost, 2021/07/13
- [PULL 02/11] i386: hardcode supported eVMCS version to '1', Eduardo Habkost, 2021/07/13
- [PULL 08/11] target/i386: suppress CPUID leaves not defined by the CPU vendor, Eduardo Habkost, 2021/07/13
- [PULL 09/11] target/i386: Fix cpuid level for AMD, Eduardo Habkost, 2021/07/13
- Re: [PULL 00/11] x86 queue, 2021-07-13, Peter Maydell, 2021/07/14