On Mon, 14 Jul 2025 at 12:13, Paolo Bonzini <pbonz...@redhat.com> wrote:
>
> From: Xiaoyao Li <xiaoyao...@intel.com>
>
> Record the interrupt vector and the apic id of the vcpu that calls
> TDVMCALL_SETUP_EVENT_NOTIFY_INTERRUPT.
>
> Inject the interrupt to TD guest to notify the completion of <GetQuote>
> when notify interrupt vector is valid.
>
> Signed-off-by: Xiaoyao Li <xiaoyao...@intel.com>
> Link: https://lore.kernel.org/r/20250703024021.3559286-5-xiaoyao...@intel.com
> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
Hi; Coverity (CID 1612364) thinks the locking might not be right in
this code change (though it has a fairly simple heuristic so it may
be wrong):

> @@ -1154,6 +1179,9 @@ static void
> tdx_get_quote_completion(TdxGenerateQuoteTask *task)
> error_report("TDX: get-quote: failed to update GetQuote header.");
> }
>
> + tdx_inject_interrupt(tdx_guest->event_notify_apicid,
> + tdx_guest->event_notify_vector);

In this function we access tdx_guest->event_notify_apicid and
event_notify_vector without taking any lock...

> +
> g_free(task->send_data);
> g_free(task->receive_buf);
> g_free(task);

> +void tdx_handle_setup_event_notify_interrupt(X86CPU *cpu, struct kvm_run
> *run)
> +{
> + uint64_t vector = run->tdx.setup_event_notify.vector;
> +
> + if (vector >= 32 && vector < 256) {
> + qemu_mutex_lock(&tdx_guest->lock);
> + tdx_guest->event_notify_vector = vector;
> + tdx_guest->event_notify_apicid = cpu->apic_id;
> + qemu_mutex_unlock(&tdx_guest->lock);

...but here when we are setting those fields we take the tdx_guest->lock.

Should we hold the tdx_guest->lock also when we read the fields in
tdx_get_quote_completion() ?

thanks
-- PMM
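Review bot: in the tdx_get_quote_completion() hunk the two arguments to tdx_inject_interrupt() are separate unlocked loads of tdx_guest->event_notify_apicid and tdx_guest->event_notify_vector, while tdx_handle_setup_event_notify_interrupt() stores that pair under tdx_guest->lock; a quote completion that races with a second TDVMCALL_SETUP_EVENT_NOTIFY_INTERRUPT can therefore combine the new vector with the old apicid (or the reverse) and inject to the wrong vcpu. Suggest taking tdx_guest->lock, copying both fields into locals, dropping the lock, and then calling tdx_inject_interrupt(apicid, vector) with the copies, so the lock is not held across the injection itself. Also, the commit message says the interrupt is injected only "when notify interrupt vector is valid", but no such check is visible in this hunk; if it lives inside tdx_inject_interrupt(), a one-line comment at the call site would save the reader a lookup.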
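Review bot: in the tdx_handle_setup_event_notify_interrupt() hunk the range test `if (vector >= 32 && vector < 256)` uses bare magic numbers; a comment or named constants would record that vectors 0 to 31 are the architecturally reserved exception vectors and 255 is the last IDT entry, which is the same fact a reader has to hold in mind when checking the completion path. The hunk also shows no else branch, so what happens to an out-of-range vector is not visible here; if the remainder of the function reports that back to the guest, fine, but if the request is silently dropped that deserves a comment as well.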
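To make the locking question concrete, here is an added, self-contained model of the hazard Peter is asking about. It is not QEMU code: the struct, the pthread mutex standing in for tdx_guest->lock, the two sample pairs (0, 48) and (1, 49), and the function names are all assumptions for illustration. notify_setup() mirrors the locked writer in the patch, snapshot_unlocked() mirrors the two unlocked loads in tdx_get_quote_completion(), and snapshot_locked() is the fix of copying both fields under the lock before injecting.

```c
/* Added example, not QEMU code: models the tdx_guest field pair with a
 * plain pthread mutex. Names, sample vectors and apic ids are assumptions. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

struct notify_state {
    pthread_mutex_t lock;          /* stands in for tdx_guest->lock */
    uint32_t event_notify_apicid;
    uint64_t event_notify_vector;
};

static struct notify_state g = { PTHREAD_MUTEX_INITIALIZER, 0, 0 };

/* Writer, as in tdx_handle_setup_event_notify_interrupt(): both fields are
 * stored together under the lock; vectors outside 32..255 are ignored. */
void notify_setup(uint32_t apicid, uint64_t vector)
{
    if (vector >= 32 && vector < 256) {
        pthread_mutex_lock(&g.lock);
        g.event_notify_vector = vector;
        g.event_notify_apicid = apicid;
        pthread_mutex_unlock(&g.lock);
    }
}

/* Reader as the patch has it: two independent loads with no lock, so a
 * concurrent notify_setup() can leave one old and one new value. */
void snapshot_unlocked(uint32_t *apicid, uint64_t *vector)
{
    *apicid = g.event_notify_apicid;
    *vector = g.event_notify_vector;
}

/* Suggested reader: copy both fields under the lock into locals; the
 * caller injects from the copies, so the lock is not held across injection. */
void snapshot_locked(uint32_t *apicid, uint64_t *vector)
{
    pthread_mutex_lock(&g.lock);
    *apicid = g.event_notify_apicid;
    *vector = g.event_notify_vector;
    pthread_mutex_unlock(&g.lock);
}

/* True if the current locked snapshot equals the given pair. */
bool pair_is(uint32_t apicid, uint64_t vector)
{
    uint32_t a;
    uint64_t v;
    snapshot_locked(&a, &v);
    return a == apicid && v == vector;
}

/* Writer thread: flips between the two consistent pairs (0, 48) and (1, 49)
 * until told to stop. Any other combination seen by a reader is a torn read. */
static void *writer_thread(void *arg)
{
    atomic_bool *stop = arg;
    for (uint32_t i = 0; !atomic_load(stop); i++) {
        uint32_t id = i & 1;
        notify_setup(id, 48 + id);
    }
    return NULL;
}

/* Run a writer concurrently and count inconsistent pairs seen by the reader.
 * With locked=true the count is always 0; with locked=false it is timing
 * dependent (often non-zero, possibly zero on a quiet machine). */
long count_tears(bool locked, long iterations)
{
    atomic_bool stop = false;
    pthread_t tid;
    long tears = 0;

    notify_setup(0, 48);
    if (pthread_create(&tid, NULL, writer_thread, &stop) != 0) {
        return -1;
    }
    for (long n = 0; n < iterations; n++) {
        uint32_t apicid;
        uint64_t vector;
        if (locked) {
            snapshot_locked(&apicid, &vector);
        } else {
            snapshot_unlocked(&apicid, &vector);
        }
        if (vector != 48 + (uint64_t)apicid) {
            tears++;
        }
    }
    atomic_store(&stop, true);
    pthread_join(tid, NULL);
    return tears;
}

int main(void)
{
    printf("unlocked reader: %ld torn pairs\n", count_tears(false, 2000000));
    printf("locked reader:   %ld torn pairs\n", count_tears(true, 2000000));
    return 0;
}
```

The point of copying into locals rather than wrapping tdx_inject_interrupt() itself in the lock is that the injection path need not run with tdx_guest->lock held; the lock only has to cover the two loads so that they come from the same store.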