All of lore.kernel.org
 help / color / mirror / Atom feed
From: Isaku Yamahata <isaku.yamahata@gmail.com>
To: Kuppuswamy Sathyanarayanan  <sathyanarayanan.kuppuswamy@linux.intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>, Borislav Petkov <bp@alien8.de>,
	Dave Hansen <dave.hansen@linux.intel.com>,
	x86@kernel.org, Hans de Goede <hdegoede@redhat.com>,
	Mark Gross <mgross@linux.intel.com>,
	"H . Peter Anvin" <hpa@zytor.com>,
	"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
	Tony Luck <tony.luck@intel.com>, Andi Kleen <ak@linux.intel.com>,
	linux-kernel@vger.kernel.org,
	platform-driver-x86@vger.kernel.org, isaku.yamahata@gmail.com
Subject: Re: [PATCH v3 4/4] platform/x86: intel_tdx_attest: Add TDX Guest attestation interface driver
Date: Tue, 19 Apr 2022 18:20:32 -0700	[thread overview]
Message-ID: <20220420012032.GA2224031@ls.amr.corp.intel.com> (raw)
In-Reply-To: <20220415220109.282834-5-sathyanarayanan.kuppuswamy@linux.intel.com>

On Fri, Apr 15, 2022 at 03:01:09PM -0700,
Kuppuswamy Sathyanarayanan <sathyanarayanan.kuppuswamy@linux.intel.com> wrote:
...
> diff --git a/drivers/platform/x86/intel/tdx/intel_tdx_attest.c b/drivers/platform/x86/intel/tdx/intel_tdx_attest.c
> new file mode 100644
> index 000000000000..9124db800d4f
> --- /dev/null
> +++ b/drivers/platform/x86/intel/tdx/intel_tdx_attest.c
...
> +static long tdx_attest_ioctl(struct file *file, unsigned int cmd,
> +			     unsigned long arg)
> +{
> +	struct attest_dev *adev = platform_get_drvdata(pdev);
> +	void __user *argp = (void __user *)arg;
> +	struct tdx_gen_quote tdquote_req;
> +	long ret = 0, err;
> +
> +	mutex_lock(&adev->lock);
> +
> +	switch (cmd) {
> +	case TDX_CMD_GET_TDREPORT:
> +		if (copy_from_user(adev->report_buf, argp,
> +					TDX_REPORT_DATA_LEN)) {
> +			ret = -EFAULT;
> +			break;
> +		}
> +
> +		/* Generate TDREPORT_STRUCT */
> +		err = tdx_mcall_tdreport(adev->tdreport_buf, adev->report_buf);
> +		if (err) {
> +			ret = put_user(err, (long __user *)argp);
> +			ret = -EIO;
> +			break;
> +		}
> +
> +		if (copy_to_user(argp, adev->tdreport_buf, TDX_TDREPORT_LEN))
> +			ret = -EFAULT;
> +		break;
> +	case TDX_CMD_GEN_QUOTE:
> +		reinit_completion(&adev->req_compl);
> +
> +		/* Copy TDREPORT data from user buffer */
> +		if (copy_from_user(&tdquote_req, argp, sizeof(struct tdx_gen_quote))) {
> +			ret = -EFAULT;
> +			break;
> +		}
> +
> +		if (tdquote_req.len <= 0 || tdquote_req.len > GET_QUOTE_MAX_SIZE) {
> +			ret = -EINVAL;
> +			break;
> +		}
> +
> +		if (copy_from_user(adev->tdquote_buf, (void __user *)tdquote_req.buf,
> +					tdquote_req.len)) {
> +			ret = -EFAULT;
> +			break;
> +		}
> +
> +		/* Submit GetQuote Request */
> +		err = tdx_hcall_get_quote(adev->tdquote_buf, GET_QUOTE_MAX_SIZE);
> +		if (err) {
> +			ret = put_user(err, (long __user *)argp);
> +			ret = -EIO;
> +			break;
> +		}
> +
> +		/* Wait for attestation completion */
> +		ret = wait_for_completion_interruptible_timeout(
> +				&adev->req_compl,
> +				msecs_to_jiffies(GET_QUOTE_TIMEOUT));

If timeout occurs, the state of adev->tdquote_buf is unknown.  It's not safe
to continue to using adev->tdquote_buf.  VMM would continue to processing
getquote request with this buffer.  What if TDX_CMD_GEN_QUOTE is issued again,
and tdquote_buf is re-used?
-- 
Isaku Yamahata <isaku.yamahata@gmail.com>

  parent reply	other threads:[~2022-04-20  1:20 UTC|newest]

Thread overview: 48+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-04-15 22:01 [PATCH v3 0/4] Add TDX Guest Attestation support Kuppuswamy Sathyanarayanan
2022-04-15 22:01 ` [PATCH v3 1/4] x86/tdx: Add tdx_mcall_tdreport() API support Kuppuswamy Sathyanarayanan
2022-04-19  2:29   ` Kai Huang
2022-04-19  3:37     ` Sathyanarayanan Kuppuswamy
2022-04-19  3:51       ` Kai Huang
2022-04-19  3:53         ` Sathyanarayanan Kuppuswamy
2022-04-15 22:01 ` [PATCH v3 2/4] x86/tdx: Add tdx_hcall_get_quote() " Kuppuswamy Sathyanarayanan
2022-04-19  2:59   ` Kai Huang
2022-04-19  4:04     ` Sathyanarayanan Kuppuswamy
2022-04-19  4:40       ` Kai Huang
2022-04-19  5:28         ` Sathyanarayanan Kuppuswamy
2022-04-19  7:21           ` Kai Huang
2022-04-20  3:39   ` Aubrey Li
2022-04-20  7:16     ` Sathyanarayanan Kuppuswamy
2022-04-20  8:08       ` Aubrey Li
2022-04-22 17:24       ` Isaku Yamahata
2022-04-25  3:06         ` Aubrey Li
2022-04-15 22:01 ` [PATCH v3 3/4] x86/tdx: Add TDX Guest event notify interrupt support Kuppuswamy Sathyanarayanan
2022-04-15 22:01 ` [PATCH v3 4/4] platform/x86: intel_tdx_attest: Add TDX Guest attestation interface driver Kuppuswamy Sathyanarayanan
2022-04-19  7:47   ` Kai Huang
2022-04-19  8:13     ` Borislav Petkov
2022-04-19 12:48       ` Sathyanarayanan Kuppuswamy
2022-04-20 22:00         ` Borislav Petkov
2022-04-20 22:09           ` Sathyanarayanan Kuppuswamy
2022-04-21  9:10             ` Borislav Petkov
2022-04-21 14:54               ` Sathyanarayanan Kuppuswamy
2022-04-19  8:16     ` Kai Huang
2022-04-19 14:00       ` Sathyanarayanan Kuppuswamy
2022-04-19 22:38         ` Kai Huang
2022-04-19 14:13     ` Dave Hansen
2022-04-19 14:19       ` Sathyanarayanan Kuppuswamy
2022-04-19 14:24         ` Dave Hansen
2022-04-19 14:26           ` Sathyanarayanan Kuppuswamy
2022-04-19 22:21       ` Kai Huang
2022-04-19 22:49         ` Dave Hansen
2022-04-19 23:02           ` Kai Huang
2022-04-20  1:20   ` Isaku Yamahata [this message]
2022-04-20  1:26     ` Sathyanarayanan Kuppuswamy
2022-04-21  7:04       ` Isaku Yamahata
2022-04-21 14:44         ` Sathyanarayanan Kuppuswamy
2022-04-20 23:18   ` Kai Huang
2022-04-20 23:45     ` Sathyanarayanan Kuppuswamy
2022-04-21  0:11       ` Kai Huang
2022-04-21  2:42         ` Sathyanarayanan Kuppuswamy
2022-04-21  6:57           ` Isaku Yamahata
2022-04-21 10:33             ` Kai Huang
2022-04-21 14:53             ` Sathyanarayanan Kuppuswamy
2022-04-21 16:53               ` Isaku Yamahata

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220420012032.GA2224031@ls.amr.corp.intel.com \
    --to=isaku.yamahata@gmail.com \
    --cc=ak@linux.intel.com \
    --cc=bp@alien8.de \
    --cc=dave.hansen@linux.intel.com \
    --cc=hdegoede@redhat.com \
    --cc=hpa@zytor.com \
    --cc=kirill.shutemov@linux.intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mgross@linux.intel.com \
    --cc=mingo@redhat.com \
    --cc=platform-driver-x86@vger.kernel.org \
    --cc=sathyanarayanan.kuppuswamy@linux.intel.com \
    --cc=tglx@linutronix.de \
    --cc=tony.luck@intel.com \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.