Message ID | 20221103141351.50662-10-mlevitsk@redhat.com |
---|---|
State | New |
Headers | show |
Series | nSVM: Security and correctness fixes | expand |
On 03/11/2022 14:13, Maxim Levitsky wrote: > It is valid to receive external interrupt and have broken IDT entry, > which will lead to #GP with exit_int_into that will contain the index of > the IDT entry (e.g any value). > > Other exceptions can happen as well, like #NP or #SS > (if stack switch fails). > > Thus this warning can be user triggred and has very little value. > > Cc: stable@vger.kernel.org > Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> > --- > arch/x86/kvm/svm/svm.c | 9 --------- > 1 file changed, 9 deletions(-) > > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c > index e9cec1b692051c..36f651ce842174 100644 > --- a/arch/x86/kvm/svm/svm.c > +++ b/arch/x86/kvm/svm/svm.c > @@ -3428,15 +3428,6 @@ static int svm_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) > return 0; > } > > - if (is_external_interrupt(svm->vmcb->control.exit_int_info) && > - exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR && > - exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH && > - exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI) > - printk(KERN_ERR "%s: unexpected exit_int_info 0x%x " > - "exit_code 0x%x\n", > - __func__, svm->vmcb->control.exit_int_info, > - exit_code); > - > if (exit_fastpath != EXIT_FASTPATH_NONE) > return 1; > This was the only caller of is_external_interrupt() - should the definition be removed also to avoid a 'defined but not used' warning? Regards, Liam
On Sun, 2022-11-06 at 15:53 +0000, Liam Merwick wrote: > On 03/11/2022 14:13, Maxim Levitsky wrote: > > It is valid to receive external interrupt and have broken IDT entry, > > which will lead to #GP with exit_int_into that will contain the index of > > the IDT entry (e.g any value). > > > > Other exceptions can happen as well, like #NP or #SS > > (if stack switch fails). > > > > Thus this warning can be user triggred and has very little value. > > > > Cc: stable@vger.kernel.org > > Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> > > --- > > arch/x86/kvm/svm/svm.c | 9 --------- > > 1 file changed, 9 deletions(-) > > > > diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c > > index e9cec1b692051c..36f651ce842174 100644 > > --- a/arch/x86/kvm/svm/svm.c > > +++ b/arch/x86/kvm/svm/svm.c > > @@ -3428,15 +3428,6 @@ static int svm_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) > > return 0; > > } > > > > - if (is_external_interrupt(svm->vmcb->control.exit_int_info) && > > - exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR && > > - exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH && > > - exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI) > > - printk(KERN_ERR "%s: unexpected exit_int_info 0x%x " > > - "exit_code 0x%x\n", > > - __func__, svm->vmcb->control.exit_int_info, > > - exit_code); > > - > > if (exit_fastpath != EXIT_FASTPATH_NONE) > > return 1; > > > > This was the only caller of is_external_interrupt() - should the > definition be removed also to avoid a 'defined but not used' warning? I hate to say it but I have seen a warning about an unused function, but I really didn't expect that to come from this patch. I somehow thought that its some leftover in kvm/queue. I'll remove the unused function in a next version. Best regards, Maxim Levitsky > > Regards, > Liam >
On 09/11/2022 09:15, Maxim Levitsky wrote: > On Sun, 2022-11-06 at 15:53 +0000, Liam Merwick wrote: >> On 03/11/2022 14:13, Maxim Levitsky wrote: >>> It is valid to receive external interrupt and have broken IDT entry, >>> which will lead to #GP with exit_int_into that will contain the index of >>> the IDT entry (e.g any value). >>> >>> Other exceptions can happen as well, like #NP or #SS >>> (if stack switch fails). >>> >>> Thus this warning can be user triggred and has very little value. >>> >>> Cc: stable@vger.kernel.org >>> Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> >>> --- >>> arch/x86/kvm/svm/svm.c | 9 --------- >>> 1 file changed, 9 deletions(-) >>> >>> diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c >>> index e9cec1b692051c..36f651ce842174 100644 >>> --- a/arch/x86/kvm/svm/svm.c >>> +++ b/arch/x86/kvm/svm/svm.c >>> @@ -3428,15 +3428,6 @@ static int svm_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) >>> return 0; >>> } >>> >>> - if (is_external_interrupt(svm->vmcb->control.exit_int_info) && >>> - exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR && >>> - exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH && >>> - exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI) >>> - printk(KERN_ERR "%s: unexpected exit_int_info 0x%x " >>> - "exit_code 0x%x\n", >>> - __func__, svm->vmcb->control.exit_int_info, >>> - exit_code); >>> - >>> if (exit_fastpath != EXIT_FASTPATH_NONE) >>> return 1; >>> >> >> This was the only caller of is_external_interrupt() - should the >> definition be removed also to avoid a 'defined but not used' warning? > > I hate to say it but I have seen a warning about an unused function, > but I really didn't expect that to come from this patch. > I somehow thought that its some leftover in kvm/queue. > > I'll remove the unused function in a next version. > Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
diff --git a/arch/x86/kvm/svm/svm.c b/arch/x86/kvm/svm/svm.c index e9cec1b692051c..36f651ce842174 100644 --- a/arch/x86/kvm/svm/svm.c +++ b/arch/x86/kvm/svm/svm.c @@ -3428,15 +3428,6 @@ static int svm_handle_exit(struct kvm_vcpu *vcpu, fastpath_t exit_fastpath) return 0; } - if (is_external_interrupt(svm->vmcb->control.exit_int_info) && - exit_code != SVM_EXIT_EXCP_BASE + PF_VECTOR && - exit_code != SVM_EXIT_NPF && exit_code != SVM_EXIT_TASK_SWITCH && - exit_code != SVM_EXIT_INTR && exit_code != SVM_EXIT_NMI) - printk(KERN_ERR "%s: unexpected exit_int_info 0x%x " - "exit_code 0x%x\n", - __func__, svm->vmcb->control.exit_int_info, - exit_code); - if (exit_fastpath != EXIT_FASTPATH_NONE) return 1;
It is valid to receive external interrupt and have broken IDT entry, which will lead to #GP with exit_int_into that will contain the index of the IDT entry (e.g any value). Other exceptions can happen as well, like #NP or #SS (if stack switch fails). Thus this warning can be user triggred and has very little value. Cc: stable@vger.kernel.org Signed-off-by: Maxim Levitsky <mlevitsk@redhat.com> --- arch/x86/kvm/svm/svm.c | 9 --------- 1 file changed, 9 deletions(-)