From: David Laight <David.Laight@ACULAB.COM>
To: 'Joerg Roedel' <joro@8bytes.org>, "x86@kernel.org" <x86@kernel.org>, Hyunwook Baek <baekhw@google.com>
Cc: Joerg Roedel <jroedel@suse.de>, "stable@vger.kernel.org" <stable@vger.kernel.org>, "hpa@zytor.com" <hpa@zytor.com>, Andy Lutomirski <luto@kernel.org>, Dave Hansen <dave.hansen@linux.intel.com>, Peter Zijlstra <peterz@infradead.org>, Jiri Slaby <jslaby@suse.cz>, Dan Williams <dan.j.williams@intel.com>, Tom Lendacky <thomas.lendacky@amd.com>, "Juergen Gross" <jgross@suse.com>, Kees Cook <keescook@chromium.org>, David Rientjes <rientjes@google.com>, Cfir Cohen <cfir@google.com>, Erdem Aktas <erdemaktas@google.com>, Masami Hiramatsu <mhiramat@kernel.org>, Mike Stunes <mstunes@vmware.com>, Sean Christopherson <seanjc@google.com>, Martin Radev <martin.b.radev@gmail.com>, Arvind Sankar <nivedita@alum.mit.edu>, "linux-coco@lists.linux.dev" <linux-coco@lists.linux.dev>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, "kvm@vger.kernel.org" <kvm@vger.kernel.org>, "virtualization@lists.linux-foundation.org" <virtualization@lists.linux-foundation.org>
Subject: RE: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user
Date: Wed, 12 May 2021 08:04:33 +0000
Message-ID: <0496626f018d4d27a8034a4822170222@AcuMS.aculab.com>
In-Reply-To: <20210512075445.18935-4-joro@8bytes.org>

From: Joerg
> Sent: 12 May 2021 08:55
>
> From: Joerg Roedel <jroedel@suse.de>
>
> The put_user() and get_user() functions do checks on the address which is
> passed to them. They check whether the address is actually a user-space
> address and whether it's fine to access it. They also call might_fault()
> to indicate that they could fault and possibly sleep.
>
> All of these checks are neither wanted nor required in the #VC exception
> handler, which can be invoked from almost any context and also for MMIO
> instructions from kernel space on kernel memory. All the #VC handler
> wants to know is whether a fault happened when the access was tried.
>
> This is provided by __put_user()/__get_user(), which just do the access
> no matter what.

That can't be right at all.
__put/get_user() are only valid on user addresses and will try to
fault in a missing page - so can sleep.

At best this is abusing the calls.

	David

> Fixes: f980f9c31a92 ("x86/sev-es: Compile early handler code into kernel image")
> Cc: stable@vger.kernel.org # v5.10+
> Signed-off-by: Joerg Roedel <jroedel@suse.de>
> --- > arch/x86/kernel/sev.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > > diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c > index 6530a844eb61..110b39345b40 100644 > --- a/arch/x86/kernel/sev.c > +++ b/arch/x86/kernel/sev.c > @@ -342,22 +342,22 @@ static enum es_result vc_write_mem(struct es_em_ctxt *ctxt, > switch (size) { > case 1: > memcpy(&d1, buf, 1); > - if (put_user(d1, target)) > + if (__put_user(d1, target)) > goto fault; > break; > case 2: > memcpy(&d2, buf, 2); > - if (put_user(d2, target)) > + if (__put_user(d2, target)) > goto fault; > break; > case 4: > memcpy(&d4, buf, 4); > - if (put_user(d4, target)) > + if (__put_user(d4, target)) > goto fault; > break; > case 8: > memcpy(&d8, buf, 8); > - if (put_user(d8, target)) > + if (__put_user(d8, target)) > goto fault; > break; > default: 
> @@ -396,22 +396,22 @@ static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, > > switch (size) { > case 1: > - if (get_user(d1, s)) > + if (__get_user(d1, s)) > goto fault; > memcpy(buf, &d1, 1); > break; > case 2: > - if (get_user(d2, s)) > + if (__get_user(d2, s)) > goto fault; > memcpy(buf, &d2, 2); > break; > case 4: > - if (get_user(d4, s)) > + if (__get_user(d4, s)) > goto fault; > memcpy(buf, &d4, 4); > break; > case 8: > - if (get_user(d8, s)) > + if (__get_user(d8, s)) > goto fault; > memcpy(buf, &d8, 8); > break; > -- > 2.31.1 - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
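Review bot: in the vc_write_mem() hunk, all four size cases now call __put_user() on `target`, and nothing in the code says why the unchecked accessor is intended. The commit message gives the reason (the address checks done by put_user() are unwanted because the #VC handler also emulates MMIO from kernel space on kernel memory); that reasoning should sit as a comment above `switch (size)`, so a later reader neither restores put_user() nor assumes `target` has been validated as a user-space address.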
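Review bot: in the vc_read_mem() hunk, nothing around the __get_user() calls addresses whether the access can sleep. The commit message says the handler can be invoked from almost any context, and the reply above states that __get_user() will try to fault in a missing page. If the caller already guarantees that a faulting access ends up on the `goto fault` path instead of sleeping, state that in a comment at the switch or in the changelog; if not, that guarantee has to be established before these accessors are used here.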