| Message ID | 1582213006-488-1-git-send-email-linmiaohe@huawei.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | KVM: apic: avoid calculating pending eoi from an uninitialized val | expand |
linmiaohe <linmiaohe@huawei.com> writes: > From: Miaohe Lin <linmiaohe@huawei.com> > > When get user eoi value failed, var val would be uninitialized and result > in calculating pending eoi from an uninitialized val. Initialize var val > to 0 to fix this case. Let me try to suggest an alternative wording, "When pv_eoi_get_user() fails, 'val' may remain uninitialized and the return value of pv_eoi_get_pending() becomes random. Fix the issue by initializing the variable." > > Signed-off-by: Miaohe Lin <linmiaohe@huawei.com> > --- > arch/x86/kvm/lapic.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c > index 4f14ec7525f6..7e77e94f3176 100644 > --- a/arch/x86/kvm/lapic.c > +++ b/arch/x86/kvm/lapic.c > @@ -626,7 +626,7 @@ static inline bool pv_eoi_enabled(struct kvm_vcpu *vcpu) > > static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu) > { > - u8 val; > + u8 val = 0; > if (pv_eoi_get_user(vcpu, &val) < 0) > printk(KERN_WARNING "Can't read EOI MSR value: 0x%llx\n", > (unsigned long long)vcpu->arch.pv_eoi.msr_val); Reviewed-by: Vitaly Kuznetsov <vkuznets@redhat.com> But why compilers don't complain?
On Thu, Feb 20, 2020 at 05:33:17PM +0100, Vitaly Kuznetsov wrote: > linmiaohe <linmiaohe@huawei.com> writes: > > > From: Miaohe Lin <linmiaohe@huawei.com> > > > > When get user eoi value failed, var val would be uninitialized and result > > in calculating pending eoi from an uninitialized val. Initialize var val > > to 0 to fix this case. > > Let me try to suggest an alternative wording, > > "When pv_eoi_get_user() fails, 'val' may remain uninitialized and the > return value of pv_eoi_get_pending() becomes random. Fix the issue by > initializing the variable." > > > > > Signed-off-by: Miaohe Lin <linmiaohe@huawei.com> > > --- > > arch/x86/kvm/lapic.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c > > index 4f14ec7525f6..7e77e94f3176 100644 > > --- a/arch/x86/kvm/lapic.c > > +++ b/arch/x86/kvm/lapic.c > > @@ -626,7 +626,7 @@ static inline bool pv_eoi_enabled(struct kvm_vcpu *vcpu) > > > > static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu) > > { > > - u8 val; > > + u8 val = 0; Rather than initialize @val, I'd prefer to explicitly handle the error, similar to pv_eoi_clr_pending() and pv_eoi_set_pending(), e.g. u8 val; if (pv_eoi_get_user(vcpu, &val) < 0) { printk(KERN_WARNING "Can't read EOI MSR value: 0x%llx\n", (unsigned long long)vcpu->arch.pv_eoi.msr_val); return false; } return val & 0x1; > > if (pv_eoi_get_user(vcpu, &val) < 0) > > printk(KERN_WARNING "Can't read EOI MSR value: 0x%llx\n", > > (unsigned long long)vcpu->arch.pv_eoi.msr_val); > > Reviewed-by: Vitaly Kuznetsov <vkuznets@redhat.com> > > But why compilers don't complain? Clang might?
diff --git a/arch/x86/kvm/lapic.c b/arch/x86/kvm/lapic.c index 4f14ec7525f6..7e77e94f3176 100644 --- a/arch/x86/kvm/lapic.c +++ b/arch/x86/kvm/lapic.c @@ -626,7 +626,7 @@ static inline bool pv_eoi_enabled(struct kvm_vcpu *vcpu) static bool pv_eoi_get_pending(struct kvm_vcpu *vcpu) { - u8 val; + u8 val = 0; if (pv_eoi_get_user(vcpu, &val) < 0) printk(KERN_WARNING "Can't read EOI MSR value: 0x%llx\n", (unsigned long long)vcpu->arch.pv_eoi.msr_val);