All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v1 1/1] s390/uvdevice: Report additional-data length for attestation
@ 2023-11-06 12:31 Steffen Eiden
  0 siblings, 0 replies; 3+ messages in thread
From: Steffen Eiden @ 2023-11-06 12:31 UTC (permalink / raw)
  To: linux-s390; +Cc: Janosch Frank, Claudio Imbrenda

Additional data length in the attestation request is an in/out variable.
Software provides the capacity of the buffer. Upon successful request,
firmware reports the actual bytes written to the additional data in that
field. This information is lost, as the length field was not copied back
to userspace before. Attestation might fail, if user space did not
specify the exact amount of needed bytes required, as this length is
part of the attestation measurement.

Signed-off-by: Steffen Eiden <seiden@linux.ibm.com>
---
 drivers/s390/char/uvdevice.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/s390/char/uvdevice.c b/drivers/s390/char/uvdevice.c
index 144cd2e03590..42c9f77f8da0 100644
--- a/drivers/s390/char/uvdevice.c
+++ b/drivers/s390/char/uvdevice.c
@@ -109,6 +109,7 @@ static int uvio_copy_attest_result_to_user(struct uv_cb_attest *uvcb_attest,
 					   struct uvio_attest *uvio_attest)
 {
 	struct uvio_attest __user *user_uvio_attest = (void __user *)uv_ioctl->argument_addr;
+	u32 __user *user_buf_add_len = (u32 __user *)&user_uvio_attest->add_data_len;
 	void __user *user_buf_add = (void __user *)uvio_attest->add_data_addr;
 	void __user *user_buf_meas = (void __user *)uvio_attest->meas_addr;
 	void __user *user_buf_uid = &user_uvio_attest->config_uid;
@@ -117,6 +118,8 @@ static int uvio_copy_attest_result_to_user(struct uv_cb_attest *uvcb_attest,
 		return -EFAULT;
 	if (add_data && copy_to_user(user_buf_add, add_data, uvio_attest->add_data_len))
 		return -EFAULT;
+	if (put_user(uvio_attest->add_data_len, user_buf_add_len))
+		return -EFAULT;
 	if (copy_to_user(user_buf_uid, uvcb_attest->config_uid, sizeof(uvcb_attest->config_uid)))
 		return -EFAULT;
 	return 0;
-- 
2.39.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH v1 1/1] s390/uvdevice: Report additional-data length for attestation
  2023-11-06 12:49 Steffen Eiden
@ 2023-11-06 12:50 ` Claudio Imbrenda
  0 siblings, 0 replies; 3+ messages in thread
From: Claudio Imbrenda @ 2023-11-06 12:50 UTC (permalink / raw)
  To: Steffen Eiden; +Cc: linux-kernel, linux-s390, Janosch Frank

On Mon,  6 Nov 2023 13:49:22 +0100
Steffen Eiden <seiden@linux.ibm.com> wrote:

> Additional data length in the attestation request is an in/out variable.
> Software provides the capacity of the buffer. Upon successful request,
> firmware reports the actual bytes written to the additional data in that
> field. This information is lost, as the length field was not copied back
> to userspace before. Attestation might fail, if user space did not
> specify the exact amount of needed bytes required, as this length is
> part of the attestation measurement.
> 
> Signed-off-by: Steffen Eiden <seiden@linux.ibm.com>

Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>

> ---
>  drivers/s390/char/uvdevice.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/drivers/s390/char/uvdevice.c b/drivers/s390/char/uvdevice.c
> index 144cd2e03590..42c9f77f8da0 100644
> --- a/drivers/s390/char/uvdevice.c
> +++ b/drivers/s390/char/uvdevice.c
> @@ -109,6 +109,7 @@ static int uvio_copy_attest_result_to_user(struct uv_cb_attest *uvcb_attest,
>  					   struct uvio_attest *uvio_attest)
>  {
>  	struct uvio_attest __user *user_uvio_attest = (void __user *)uv_ioctl->argument_addr;
> +	u32 __user *user_buf_add_len = (u32 __user *)&user_uvio_attest->add_data_len;
>  	void __user *user_buf_add = (void __user *)uvio_attest->add_data_addr;
>  	void __user *user_buf_meas = (void __user *)uvio_attest->meas_addr;
>  	void __user *user_buf_uid = &user_uvio_attest->config_uid;
> @@ -117,6 +118,8 @@ static int uvio_copy_attest_result_to_user(struct uv_cb_attest *uvcb_attest,
>  		return -EFAULT;
>  	if (add_data && copy_to_user(user_buf_add, add_data, uvio_attest->add_data_len))
>  		return -EFAULT;
> +	if (put_user(uvio_attest->add_data_len, user_buf_add_len))
> +		return -EFAULT;
>  	if (copy_to_user(user_buf_uid, uvcb_attest->config_uid, sizeof(uvcb_attest->config_uid)))
>  		return -EFAULT;
>  	return 0;


^ permalink raw reply	[flat|nested] 3+ messages in thread
* [PATCH v1 1/1] s390/uvdevice: Report additional-data length for attestation
@ 2023-11-06 12:49 Steffen Eiden
  2023-11-06 12:50 ` Claudio Imbrenda
  0 siblings, 1 reply; 3+ messages in thread
From: Steffen Eiden @ 2023-11-06 12:49 UTC (permalink / raw)
  To: linux-kernel, linux-s390; +Cc: Janosch Frank, Claudio Imbrenda

Additional data length in the attestation request is an in/out variable.
Software provides the capacity of the buffer. Upon successful request,
firmware reports the actual bytes written to the additional data in that
field. This information is lost, as the length field was not copied back
to userspace before. Attestation might fail, if user space did not
specify the exact amount of needed bytes required, as this length is
part of the attestation measurement.

Signed-off-by: Steffen Eiden <seiden@linux.ibm.com>
---
 drivers/s390/char/uvdevice.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/drivers/s390/char/uvdevice.c b/drivers/s390/char/uvdevice.c
index 144cd2e03590..42c9f77f8da0 100644
--- a/drivers/s390/char/uvdevice.c
+++ b/drivers/s390/char/uvdevice.c
@@ -109,6 +109,7 @@ static int uvio_copy_attest_result_to_user(struct uv_cb_attest *uvcb_attest,
 					   struct uvio_attest *uvio_attest)
 {
 	struct uvio_attest __user *user_uvio_attest = (void __user *)uv_ioctl->argument_addr;
+	u32 __user *user_buf_add_len = (u32 __user *)&user_uvio_attest->add_data_len;
 	void __user *user_buf_add = (void __user *)uvio_attest->add_data_addr;
 	void __user *user_buf_meas = (void __user *)uvio_attest->meas_addr;
 	void __user *user_buf_uid = &user_uvio_attest->config_uid;
@@ -117,6 +118,8 @@ static int uvio_copy_attest_result_to_user(struct uv_cb_attest *uvcb_attest,
 		return -EFAULT;
 	if (add_data && copy_to_user(user_buf_add, add_data, uvio_attest->add_data_len))
 		return -EFAULT;
+	if (put_user(uvio_attest->add_data_len, user_buf_add_len))
+		return -EFAULT;
 	if (copy_to_user(user_buf_uid, uvcb_attest->config_uid, sizeof(uvcb_attest->config_uid)))
 		return -EFAULT;
 	return 0;
-- 
2.39.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-11-06 12:50 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-11-06 12:31 [PATCH v1 1/1] s390/uvdevice: Report additional-data length for attestation Steffen Eiden
2023-11-06 12:49 Steffen Eiden
2023-11-06 12:50 ` Claudio Imbrenda

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.