CC: [email protected] CC: [email protected] TO: Jason Gunthorpe <[email protected]> CC: Alex Williamson <[email protected]> CC: Eric Auger <[email protected]>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master head: 40226a3d96ef8ab8980f032681c8bfd46d63874e commit: 179209fa12709a3df8888c323b37315da2683c24 vfio: IOMMU_API should be selected date: 4 months ago :::::: branch date: 21 hours ago :::::: commit date: 4 months ago config: x86_64-randconfig-m031-20210714 (attached as .config) compiler: gcc-10 (Debian 10.2.1-6) 10.2.1 20210110 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> Reported-by: Dan Carpenter <[email protected]> smatch warnings: drivers/vfio/fsl-mc/vfio_fsl_mc.c:248 vfio_fsl_mc_ioctl() warn: potential spectre issue 'vdev->regions' [r] (local cap) vim +248 drivers/vfio/fsl-mc/vfio_fsl_mc.c fb1ff4c1941573a Bharat Bhushan 2020-10-05 199 fb1ff4c1941573a Bharat Bhushan 2020-10-05 200 static long vfio_fsl_mc_ioctl(void *device_data, unsigned int cmd, fb1ff4c1941573a Bharat Bhushan 2020-10-05 201 unsigned long arg) fb1ff4c1941573a Bharat Bhushan 2020-10-05 202 { f97f4c04e5d6ca8 Diana Craciun 2020-10-05 203 unsigned long minsz; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 204 struct vfio_fsl_mc_device *vdev = device_data; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 205 struct fsl_mc_device *mc_dev = vdev->mc_dev; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 206 fb1ff4c1941573a Bharat Bhushan 2020-10-05 207 switch (cmd) { fb1ff4c1941573a Bharat Bhushan 2020-10-05 208 case VFIO_DEVICE_GET_INFO: fb1ff4c1941573a Bharat Bhushan 2020-10-05 209 { f97f4c04e5d6ca8 Diana Craciun 2020-10-05 210 struct vfio_device_info info; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 211 f97f4c04e5d6ca8 Diana Craciun 2020-10-05 212 minsz = offsetofend(struct vfio_device_info, num_irqs); f97f4c04e5d6ca8 Diana Craciun 2020-10-05 213 f97f4c04e5d6ca8 Diana Craciun 2020-10-05 214 if (copy_from_user(&info, (void __user *)arg, minsz)) f97f4c04e5d6ca8 Diana Craciun 2020-10-05 215 return -EFAULT; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 216 f97f4c04e5d6ca8 Diana Craciun 2020-10-05 217 if (info.argsz < minsz) f97f4c04e5d6ca8 Diana Craciun 2020-10-05 218 return -EINVAL; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 219 f97f4c04e5d6ca8 Diana Craciun 2020-10-05 220 info.flags = VFIO_DEVICE_FLAGS_FSL_MC; ac93ab2bf69a5b7 Diana Craciun 2020-10-05 221 ac93ab2bf69a5b7 Diana Craciun 2020-10-05 222 if (is_fsl_mc_bus_dprc(mc_dev)) ac93ab2bf69a5b7 Diana Craciun 2020-10-05 223 info.flags |= VFIO_DEVICE_FLAGS_RESET; ac93ab2bf69a5b7 Diana Craciun 2020-10-05 224 f97f4c04e5d6ca8 Diana Craciun 2020-10-05 225 info.num_regions = mc_dev->obj_desc.region_count; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 226 info.num_irqs = mc_dev->obj_desc.irq_count; f97f4c04e5d6ca8 Diana Craciun 2020-10-05 227 f97f4c04e5d6ca8 Diana Craciun 2020-10-05 228 return copy_to_user((void __user *)arg, &info, minsz) ? f97f4c04e5d6ca8 Diana Craciun 2020-10-05 229 -EFAULT : 0; fb1ff4c1941573a Bharat Bhushan 2020-10-05 230 } fb1ff4c1941573a Bharat Bhushan 2020-10-05 231 case VFIO_DEVICE_GET_REGION_INFO: fb1ff4c1941573a Bharat Bhushan 2020-10-05 232 { df747bcd5b216da Diana Craciun 2020-10-05 233 struct vfio_region_info info; df747bcd5b216da Diana Craciun 2020-10-05 234 df747bcd5b216da Diana Craciun 2020-10-05 235 minsz = offsetofend(struct vfio_region_info, offset); df747bcd5b216da Diana Craciun 2020-10-05 236 df747bcd5b216da Diana Craciun 2020-10-05 237 if (copy_from_user(&info, (void __user *)arg, minsz)) df747bcd5b216da Diana Craciun 2020-10-05 238 return -EFAULT; df747bcd5b216da Diana Craciun 2020-10-05 239 df747bcd5b216da Diana Craciun 2020-10-05 240 if (info.argsz < minsz) df747bcd5b216da Diana Craciun 2020-10-05 241 return -EINVAL; df747bcd5b216da Diana Craciun 2020-10-05 242 df747bcd5b216da Diana Craciun 2020-10-05 243 if (info.index >= mc_dev->obj_desc.region_count) df747bcd5b216da Diana Craciun 2020-10-05 244 return -EINVAL; df747bcd5b216da Diana Craciun 2020-10-05 245 df747bcd5b216da Diana Craciun 2020-10-05 246 /* map offset to the physical address */ df747bcd5b216da Diana Craciun 2020-10-05 247 info.offset = VFIO_FSL_MC_INDEX_TO_OFFSET(info.index); df747bcd5b216da Diana Craciun 2020-10-05 @248 info.size = vdev->regions[info.index].size; df747bcd5b216da Diana Craciun 2020-10-05 249 info.flags = vdev->regions[info.index].flags; df747bcd5b216da Diana Craciun 2020-10-05 250 09699e56dee946a Dan Carpenter 2020-10-23 251 if (copy_to_user((void __user *)arg, &info, minsz)) 09699e56dee946a Dan Carpenter 2020-10-23 252 return -EFAULT; 09699e56dee946a Dan Carpenter 2020-10-23 253 return 0; fb1ff4c1941573a Bharat Bhushan 2020-10-05 254 } fb1ff4c1941573a Bharat Bhushan 2020-10-05 255 case VFIO_DEVICE_GET_IRQ_INFO: fb1ff4c1941573a Bharat Bhushan 2020-10-05 256 { 2e0d29561f593a5 Diana Craciun 2020-10-05 257 struct vfio_irq_info info; 2e0d29561f593a5 Diana Craciun 2020-10-05 258 2e0d29561f593a5 Diana Craciun 2020-10-05 259 minsz = offsetofend(struct vfio_irq_info, count); 2e0d29561f593a5 Diana Craciun 2020-10-05 260 if (copy_from_user(&info, (void __user *)arg, minsz)) 2e0d29561f593a5 Diana Craciun 2020-10-05 261 return -EFAULT; 2e0d29561f593a5 Diana Craciun 2020-10-05 262 2e0d29561f593a5 Diana Craciun 2020-10-05 263 if (info.argsz < minsz) 2e0d29561f593a5 Diana Craciun 2020-10-05 264 return -EINVAL; 2e0d29561f593a5 Diana Craciun 2020-10-05 265 2e0d29561f593a5 Diana Craciun 2020-10-05 266 if (info.index >= mc_dev->obj_desc.irq_count) 2e0d29561f593a5 Diana Craciun 2020-10-05 267 return -EINVAL; 2e0d29561f593a5 Diana Craciun 2020-10-05 268 2e0d29561f593a5 Diana Craciun 2020-10-05 269 info.flags = VFIO_IRQ_INFO_EVENTFD; 2e0d29561f593a5 Diana Craciun 2020-10-05 270 info.count = 1; 2e0d29561f593a5 Diana Craciun 2020-10-05 271 09699e56dee946a Dan Carpenter 2020-10-23 272 if (copy_to_user((void __user *)arg, &info, minsz)) 09699e56dee946a Dan Carpenter 2020-10-23 273 return -EFAULT; 09699e56dee946a Dan Carpenter 2020-10-23 274 return 0; fb1ff4c1941573a Bharat Bhushan 2020-10-05 275 } fb1ff4c1941573a Bharat Bhushan 2020-10-05 276 case VFIO_DEVICE_SET_IRQS: fb1ff4c1941573a Bharat Bhushan 2020-10-05 277 { 2e0d29561f593a5 Diana Craciun 2020-10-05 278 struct vfio_irq_set hdr; 2e0d29561f593a5 Diana Craciun 2020-10-05 279 u8 *data = NULL; 2e0d29561f593a5 Diana Craciun 2020-10-05 280 int ret = 0; 2e0d29561f593a5 Diana Craciun 2020-10-05 281 size_t data_size = 0; 2e0d29561f593a5 Diana Craciun 2020-10-05 282 2e0d29561f593a5 Diana Craciun 2020-10-05 283 minsz = offsetofend(struct vfio_irq_set, count); 2e0d29561f593a5 Diana Craciun 2020-10-05 284 2e0d29561f593a5 Diana Craciun 2020-10-05 285 if (copy_from_user(&hdr, (void __user *)arg, minsz)) 2e0d29561f593a5 Diana Craciun 2020-10-05 286 return -EFAULT; 2e0d29561f593a5 Diana Craciun 2020-10-05 287 2e0d29561f593a5 Diana Craciun 2020-10-05 288 ret = vfio_set_irqs_validate_and_prepare(&hdr, mc_dev->obj_desc.irq_count, 2e0d29561f593a5 Diana Craciun 2020-10-05 289 mc_dev->obj_desc.irq_count, &data_size); 2e0d29561f593a5 Diana Craciun 2020-10-05 290 if (ret) 2e0d29561f593a5 Diana Craciun 2020-10-05 291 return ret; 2e0d29561f593a5 Diana Craciun 2020-10-05 292 2e0d29561f593a5 Diana Craciun 2020-10-05 293 if (data_size) { 2e0d29561f593a5 Diana Craciun 2020-10-05 294 data = memdup_user((void __user *)(arg + minsz), 2e0d29561f593a5 Diana Craciun 2020-10-05 295 data_size); 2e0d29561f593a5 Diana Craciun 2020-10-05 296 if (IS_ERR(data)) 2e0d29561f593a5 Diana Craciun 2020-10-05 297 return PTR_ERR(data); 2e0d29561f593a5 Diana Craciun 2020-10-05 298 } 2e0d29561f593a5 Diana Craciun 2020-10-05 299 2e0d29561f593a5 Diana Craciun 2020-10-05 300 mutex_lock(&vdev->igate); 2e0d29561f593a5 Diana Craciun 2020-10-05 301 ret = vfio_fsl_mc_set_irqs_ioctl(vdev, hdr.flags, 2e0d29561f593a5 Diana Craciun 2020-10-05 302 hdr.index, hdr.start, 2e0d29561f593a5 Diana Craciun 2020-10-05 303 hdr.count, data); 2e0d29561f593a5 Diana Craciun 2020-10-05 304 mutex_unlock(&vdev->igate); 2e0d29561f593a5 Diana Craciun 2020-10-05 305 kfree(data); 2e0d29561f593a5 Diana Craciun 2020-10-05 306 2e0d29561f593a5 Diana Craciun 2020-10-05 307 return ret; fb1ff4c1941573a Bharat Bhushan 2020-10-05 308 } fb1ff4c1941573a Bharat Bhushan 2020-10-05 309 case VFIO_DEVICE_RESET: fb1ff4c1941573a Bharat Bhushan 2020-10-05 310 { ac93ab2bf69a5b7 Diana Craciun 2020-10-05 311 int ret; ac93ab2bf69a5b7 Diana Craciun 2020-10-05 312 struct fsl_mc_device *mc_dev = vdev->mc_dev; ac93ab2bf69a5b7 Diana Craciun 2020-10-05 313 ac93ab2bf69a5b7 Diana Craciun 2020-10-05 314 /* reset is supported only for the DPRC */ ac93ab2bf69a5b7 Diana Craciun 2020-10-05 315 if (!is_fsl_mc_bus_dprc(mc_dev)) fb1ff4c1941573a Bharat Bhushan 2020-10-05 316 return -ENOTTY; ac93ab2bf69a5b7 Diana Craciun 2020-10-05 317 ac93ab2bf69a5b7 Diana Craciun 2020-10-05 318 ret = dprc_reset_container(mc_dev->mc_io, 0, ac93ab2bf69a5b7 Diana Craciun 2020-10-05 319 mc_dev->mc_handle, ac93ab2bf69a5b7 Diana Craciun 2020-10-05 320 mc_dev->obj_desc.id, ac93ab2bf69a5b7 Diana Craciun 2020-10-05 321 DPRC_RESET_OPTION_NON_RECURSIVE); ac93ab2bf69a5b7 Diana Craciun 2020-10-05 322 return ret; ac93ab2bf69a5b7 Diana Craciun 2020-10-05 323 fb1ff4c1941573a Bharat Bhushan 2020-10-05 324 } fb1ff4c1941573a Bharat Bhushan 2020-10-05 325 default: fb1ff4c1941573a Bharat Bhushan 2020-10-05 326 return -ENOTTY; fb1ff4c1941573a Bharat Bhushan 2020-10-05 327 } fb1ff4c1941573a Bharat Bhushan 2020-10-05 328 } fb1ff4c1941573a Bharat Bhushan 2020-10-05 329 :::::: The code at line 248 was first introduced by commit :::::: df747bcd5b216dae7be26945fab2558ed2f7f363 vfio/fsl-mc: Implement VFIO_DEVICE_GET_REGION_INFO ioctl call :::::: TO: Diana Craciun <[email protected]> :::::: CC: Alex Williamson <[email protected]> --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected]
.config.gz
Description: application/gzip
_______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
