From: Peter Gonda
Date: Tue, 12 Nov 2019 14:23:06 -0800
Subject: Re: [PATCH v3 02/11] KVM: SVM: Add KVM_SEND_UPDATE_DATA command
To: "Singh, Brijesh"
Cc: "kvm@vger.kernel.org", Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Paolo Bonzini, Radim Krčmář, Joerg Roedel, Borislav Petkov, "Lendacky, Thomas", "x86@kernel.org", "linux-kernel@vger.kernel.org"

On Wed, Jul 10, 2019 at 1:14 PM Singh, Brijesh wrote:
> +static int sev_send_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) > +{ > + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; > + struct sev_data_send_update_data *data; > + struct kvm_sev_send_update_data params; > + void *hdr = NULL, *trans_data = NULL; > + struct page **guest_page = NULL; > + unsigned long n; > + int ret, offset; > + > + if (!sev_guest(kvm)) > + return -ENOTTY; > + > + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, > + sizeof(struct kvm_sev_send_update_data))) > + return -EFAULT; > + > + data = kzalloc(sizeof(*data), GFP_KERNEL); > + if (!data) > + return -ENOMEM; > + > + /* userspace wants to query either header or trans length */ > + if (!params.trans_len || !params.hdr_len) > + goto cmd; > + > + ret = -EINVAL; > + if (!params.trans_uaddr || !params.guest_uaddr || > + !params.guest_len || !params.hdr_uaddr) > + goto e_free; > + > + /* Check if we are crossing the page boundry */ > + ret = -EINVAL; > + offset = params.guest_uaddr & (PAGE_SIZE - 1); > + if ((params.guest_len + offset > PAGE_SIZE)) > + goto e_free; > + > + ret = -ENOMEM; > + hdr = kmalloc(params.hdr_len, GFP_KERNEL); > + if (!hdr) > + goto e_free;

Should we be checking params.hdr_len against SEV_FW_BLOB_MAX_SIZE?

> + > + data->hdr_address = __psp_pa(hdr); > + data->hdr_len = params.hdr_len; > + > + ret = -ENOMEM; > + trans_data = kmalloc(params.trans_len, GFP_KERNEL); > + if (!trans_data) > + goto e_free;

Ditto, should we be checking params.hdr_len against SEV_FW_BLOB_MAX_SIZE?
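
Review bot: In sev_send_update_data(), both kmalloc() sizes are taken straight from the params structure filled by copy_from_user(), with no upper bound: the first allocation is sized by params.hdr_len and the second by params.trans_len, so the allocation size is entirely caller-controlled and each field needs its own limit. Rejecting either length when it exceeds SEV_FW_BLOB_MAX_SIZE (the constant named in the replies above) with -EINVAL, next to the existing check of the uaddr and guest_len fields and before the first kmalloc(), would cover both. Separately, the page-crossing test "params.guest_len + offset > PAGE_SIZE" adds before it compares; the field widths are not visible in these lines, so writing it as "params.guest_len > PAGE_SIZE - offset" keeps the check correct without relying on the sum not wrapping.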