Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751400AbdIMSXV (ORCPT <rfc822;w@1wt.eu>);
        Wed, 13 Sep 2017 14:23:21 -0400
Received: from mail-bn3nam01on0047.outbound.protection.outlook.com ([104.47.33.47]:26944
        "EHLO NAM01-BN3-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1751106AbdIMSXS (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 13 Sep 2017 14:23:18 -0400
Authentication-Results: spf=none (sender IP is )
 smtp.mailfrom=brijesh.singh@amd.com; 
Cc: brijesh.singh@amd.com, linux-kernel@vger.kernel.org, x86@kernel.org,
        kvm@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>,
        Borislav Petkov <bp@suse.de>, Joerg Roedel <joro@8bytes.org>,
        "Michael S . Tsirkin" <mst@redhat.com>,
        Paolo Bonzini <pbonzini@redhat.com>,
        =?UTF-8?B?XCJSYWRpbSBLcsSNbcOhxZlcIg==?= <rkrcmar@redhat.com>,
        Tom Lendacky <thomas.lendacky@amd.com>
Subject: Re: [RFC Part2 PATCH v3 15/26] KVM: SVM: Add support for SEV
 LAUNCH_START command
To: Borislav Petkov <bp@alien8.de>
References: <20170724200303.12197-1-brijesh.singh@amd.com>
 <20170724200303.12197-16-brijesh.singh@amd.com>
 <20170913172510.azjkur3wsvat32aq@pd.tnic>
From: Brijesh Singh <brijesh.singh@amd.com>
Message-ID: <23c14fd9-f935-3bcd-412c-49889a94134a@amd.com>
Date: Wed, 13 Sep 2017 13:23:08 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.1
MIME-Version: 1.0
In-Reply-To: <20170913172510.azjkur3wsvat32aq@pd.tnic>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Originating-IP: [165.204.77.1]
X-ClientProxiedBy: MWHPR1701CA0018.namprd17.prod.outlook.com
 (2603:10b6:301:14::28) To DM2PR12MB0156.namprd12.prod.outlook.com
 (2a01:111:e400:50ce::19)
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 70d00d59-1fd7-4d69-a8e6-08d4fad47f6d
X-MS-Office365-Filtering-HT: Tenant
X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(2017030254152)(48565401081)(300000503095)(300135400095)(2017052603199)(201703131423075)(201703031133081)(201702281549075)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095);SRVR:DM2PR12MB0156;
X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;3:cmVUjzAGcpq2w1Sln/E57mhE+VJ1Pi/tWQzjQaZi68pjN0ZBcSnWAJ1ay2Mm/KILcDfXJX3tvyFJjkApR2Stpi8SvZiX4xXwX2kvtlRHH1n+aIDJTWdWmZpr181Ulu2rX+YZNQ+VY6RQU+oHw3xb/ujTARZ9f3BgzYhafryzBj9c02e49aQXCoO6u31hBu5usTRzCdIEQKngytdLHxjERn2rBsDgFnVS/pk3Pdw4mqCW3+hLP4KFGXidjw+hI828;25:N7XLECwtv0OJOcCinXKfuIpy5ITL3VXRutpWoM4Mp69S3hgklOaOXPqkoysl3U5sJNGMoQr5xFNHftDTwKdawDkxGDjnV3H7ib+mEing+AzFrcmUsiBgMcMfsz7e9ohIS7eIJ251beEv8lbYC1oOBZaG6WDQ8aCzXx0Lhf43TFYpC/PK5be0vvQCKmofGGa0yUEswq7FCr/BaspSYVVoxgSuUYygS+Vfg7t3ut/qa6WC7ZAF7HsKlufbJ25E+F1kZtz7r1vYAV0253NOKy0/niQgj2xYfWQXDQkcUQJ4X8/zjTfuf3VXOU/Ls3oWqssPawPLttery+D9K6c4VTeyTQ==;31:T5KR29sWON0K5S3wAFbmzplt5LlSum4R8cybKqhxVCsGwTq3GuyTS8Jfog08rrv9A3kadhoXJ8P/vNVOgLi42uUCyMmvuNprKW5JTDN1Qb7NyUSUp2GrruYlPMHpcTStK4NSA2IEmE6T0i5+gTtcNam8kgaSuxSKaGL3FxrdTv29yKXr5vtge1NtS28CLK/d7ohMZlajmTtgK5BQs1JbGYif/Qo3rdOll/JoawmRm74=
X-MS-TrafficTypeDiagnostic: DM2PR12MB0156:
X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;20:KFqqGIiCCZ1kaxMKd72qfOsfS+BtX+DO4f1XWJPtCNfi+aERpRfmjSPvauLK3iloqTNxfQLuKwYveYEGsgbeYt2y0/EwguWUm83ICIY65X8VJ34ULj4J8QSuRdAt3rcvSUZgv2oD1hQeRvUJh26Q9aOPMbPSuTn5k/5RNwSR6z8ugwf6M7tZOJz2ZI57GOTKoGquqm9nxxEENA/5mytM1+RA6Zqpx7BcgtaKLA/XLcc6I7NqeTggirQfrnf01IzOIF1YbDKUCyfeTaiLOhZblY85nkHEpWFWHcxs/o/WTqas0VlRbV0XgEEE2bXrwo+gdXGxbdyTpmyQ7U37kWy1spFAXYvSxeuUu8DqknrSKjclDg+J/hoTwDyTS53NMhADdjF8bSQBOcClkhcD6vv0FY2mEhiIcJ0IqDS7mzmy3HeSVLhigAPv2CUxTbkdkjftb3t5dtkFFxYHNXmU+9uPHeeKWH/fwzanO5dlNf+aEO9pMKxySfORWZvHnxH9aF8B;4:25NUp3Owxu0zkNx2xA8AOdP3v2PWY11OBO5TEPbyfG4t5UmXs7uQnE86R6bmkCTj8s5ZC5/W2CAT2Xks+c7p+1S9K1SQVxyrV8Yn47K87OBoJ+IrJCAXgmyQl5xc3OC7+HmZIuBetbz1GCOFs957TdR6cQZFu5JDquFWXWMCXwGA6V7KsdxbTig6jcKO4MAFgT+yuYwm+2FLTPl9tc66LuJgcWuVRo6euXoenxTPW//1XGLa4Nyym5oLSW7BGDqF
X-Exchange-Antispam-Report-Test: UriScan:;
X-Microsoft-Antispam-PRVS: <DM2PR12MB0156644341C1FB71E4E8A2BFE56E0@DM2PR12MB0156.namprd12.prod.outlook.com>
X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(6040450)(2401047)(5005006)(8121501046)(100000703101)(100105400095)(10201501046)(93006095)(93001095)(3002001)(6055026)(6041248)(20161123560025)(20161123562025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123564025)(20161123558100)(20161123555025)(6072148)(201708071742011)(100000704101)(100105200095)(100000705101)(100105500095);SRVR:DM2PR12MB0156;BCL:0;PCL:0;RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095);SRVR:DM2PR12MB0156;
X-Forefront-PRVS: 042957ACD7
X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(6009001)(6049001)(39860400002)(376002)(346002)(377454003)(189002)(199003)(24454002)(4001350100001)(81156014)(110136004)(16576012)(8676002)(6246003)(83506001)(16526017)(81166006)(478600001)(54906002)(50466002)(53546010)(97736004)(64126003)(66066001)(65806001)(86362001)(65956001)(31696002)(7736002)(47776003)(7416002)(8936002)(316002)(2906002)(53936002)(305945005)(4326008)(230700001)(5660300001)(229853002)(50986999)(106356001)(76176999)(105586002)(65826007)(33646002)(54356999)(189998001)(3846002)(68736007)(101416001)(6486002)(6666003)(2950100002)(31686004)(23676002)(77096006)(6916009)(36756003)(6116002)(25786009);DIR:OUT;SFP:1101;SCL:1;SRVR:DM2PR12MB0156;H:[10.236.136.62];FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en;
X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtETTJQUjEyTUIwMTU2OzIzOlYyU21PelpLTHF3ejFGZVlMZzlFK0ZDcTIz?=
 =?utf-8?B?dlRJVU52dXdEZkUwMW84S1BUZUNyVk01cklxT1pEdDhvelNzNVVYQ1BJSWdX?=
 =?utf-8?B?RCtRQ2d6Q3BoMkdnbkdnSW02TTY2Z0lTd3F3T0NNVkU1SEQ3bC9oc1VISDR2?=
 =?utf-8?B?Skd6azE4V29XZGxPT2JwdWpxaitHdlNiTzM5NXRxMk1rblZpZWlkZHFBUGt1?=
 =?utf-8?B?eVVQZlc3cC85VmlWY1FuOU12ZDJ1a0YrUFo4R3VlYUo5VnhQVll2cXJsZ2tq?=
 =?utf-8?B?VnFYVk51NU1vbkJaNzJRNVhKNjhxMzNabWxMK29sakZKNU1YK25ZTWpnaFJH?=
 =?utf-8?B?MkJQTVk2QXcrVklOM2RWREpUL1lkRjZJRXNWQlM5TkFRcDQzVUFVK0hxSVZw?=
 =?utf-8?B?RndQSWpXalpxejd3WXpSRVlVUElQcjQ3U3Z3UW5xSUI4SjNFN3A5amVpczUr?=
 =?utf-8?B?aGxDVmg0SExSa3Fxb3ozMmRROG9YTGVRaUN5c2M0dnl2eGhaeEVaVzJrWVVN?=
 =?utf-8?B?RUpleHIrVHpSMmZQajh2NXlLM01pOHdzM2RtY3NYZ3BVR2liRHVPWE8xQXNN?=
 =?utf-8?B?VEVEd212TXZyWWtqWUVUVUxydnlkc1NyZkFDMiszUjJFanlFcFNMMzlqK0c1?=
 =?utf-8?B?bThyUnR0dEdqSlIvbDVqam91cFYyWm4wNUNlaGMrSW9Od3RDV0IrUmN3N010?=
 =?utf-8?B?SllCN0ZwaHBZTk10d1Qra1NCK2luMmk5UCs2RUNpRWdsZjgxWGZZazlRVnlX?=
 =?utf-8?B?UTcxVjEwWXJQOExuRG1lOElJelBCZENPTEhBcUNDWDVQQ0V0eGgyYmMwR3kv?=
 =?utf-8?B?cTMwOTc2NTFYMVJQMk9zb3V3WnZSTHR3RE56OWNkTi9NTjIxdUJVcWlCTmtr?=
 =?utf-8?B?OXhSSVBCbWlVTTc0VjR6bWRFdEQ4MFBMOC9IZlJYWk04UWRSMXNDRkxBdTZy?=
 =?utf-8?B?VGkyZ3g2NHFwZ1BLcHh5Z1ZmTS84d1NHbkRWTUpneWFYYlNtQkJQTlVQdU1F?=
 =?utf-8?B?SzN6alhNYVVsK0lUQmtYMTltZE9FNWZxM094RjVYNENkR2hxRVhySHAvOFNX?=
 =?utf-8?B?NTZsZXd4WjAvQTQzNEg0UXZtUFdSSHlPd0dqbFUvSkRIN1FtRFFUMGl4ZndY?=
 =?utf-8?B?SU1zVXB0Q0lxM2RVcU1HYW5oN2orTXBneDZlT0R2cHdpUVJwY05tQWYrOFc5?=
 =?utf-8?B?UlI1aVJhVWtmU2g3S1Vobkk0VHBDUXNYV2ZqYWRpUjJMQ1N5NkNBWUtMNUlU?=
 =?utf-8?B?ODVaSHpjRjVobzU1VkFaL2FEMy81QnNqbVZMeVY4Wm9NQlFqZ0s0TFVEWmlT?=
 =?utf-8?B?K0tKSmI4Y1Q0NlZhTDJUWitFWno2d21YbWpwaVVCaWpDdm5aQzd3d2pNdGVQ?=
 =?utf-8?B?dURqWHE5Sm9wYW12eWxWMWdGdFRibWcvbExOelFiam1UVFBXZnFJais0UHYx?=
 =?utf-8?B?YkI1SGc4M2s5WlZXdENJcWRTTTZUcS9VaVQ5MU1EOThSOTVjWUtjcXFpeWhP?=
 =?utf-8?B?bXNuRmpCQXVISVhlb1pXaEQ5ZzBpYVZUdlBlOEp1MFdnR1owaGtlN3ZUWFpS?=
 =?utf-8?B?bWNqNW1LRmhXVFFSbFpKTDNJL0JuckpFdUFZV285d0RQTzFkVGNiUkNoMHZN?=
 =?utf-8?B?SkFQdWhOK3lyTmRJR3pxTXU0NmVYa1hWZFJldndlaTBxdmwvc241U1RNK2NG?=
 =?utf-8?B?ZllRNnJGTU5EamFDekREVjJ1WE4xaFpDNUFieEJtaG5KdXBMWmZYRVNoMXNo?=
 =?utf-8?B?ajU5ZXhNV250WUJ1TFBMSmxqWkJhU0hmMEluUjNobWtwVS92TWQ0Uy9HN3pW?=
 =?utf-8?B?cFU2SjJKb1NCMlM0ME45NzR0NDNsTzZscmE2QTZjVVFNU0dxYTRSU1NhRUV0?=
 =?utf-8?B?aTR3dVZvZ2RYd3RrUFRieDMxdE9xOWVzUWNBS0VPdEhxc1lJUzgvdlMrQjVK?=
 =?utf-8?Q?l7dvD08JV9zlfsQNgklbLFaw+7+gS0=3D?=
X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;6:8veK38b4nM82l80aDrEWX3SnVvH4LF/TRrvN8XTWJCyEqSAU3aSZDof0t8q3yHZ01L8Zj+JuCwLx1jm+AJwQ97jQP11AaTE7sGJcGv9HIGReGanXQz7dBKGlhQbhI+yHW1AQ4/JrfQmmC/zq+mSd45fPBwY0kPYW4KeQ9e0Unf/r0/EUzMRbuNuXdM+oDHK7kXRLOr4qXiheDvRMWM2l1JI7mnnDZCDtU1C9w0yvhAz3Zoy8d06gSN1QZ2mQebfsEW65NFCRZM0Lsf6tQceWxhL0ZVVTX+MifI6H9xN4M68QBzajYZgyVEINpivZ1YaJwhJMdmU9aOuIL1DdS3ISpg==;5:1Y4wn/54QVRGqAnmK8vDiOP2QbYQADURP2lgs+da4ZtYWQS3eKQVsihLtMAmpPKHNrLO6focCrfbUv6SsNYv6nYd3FA0k1Ppa4RmJfNg/BMGsUi93bpsYd3gd9l4/Pv6YKtFUvTUAJKe8diL28BKZA==;24:X2GY4oYF6IxZ3iz87yusIro+XETaDB7ndvmqoHUHI6JCW7aVma+dQcFgkiDM9OHZv9pTVbOU0bKLQ8uoB/IR9K5WZ0kK+gMM51xkUaJBzXI=;7:kCozk50dbSAK7X+paFWWZ0c7kOPKSPc2ukKG9SrazdkJWcqahSUzf2xEBui8msLgjycLW489PejYx89zXNgSTA2+6V8aHBCFVRWa5HIvyPdJPV9bV8S+Ie+7s/5v4coaM+EhK4pmZTpVc/WtMCJ8uS6j7TexJcTyD7ELV43C+smSbHIer1ZPqiqZ7mSC4P68y365uieYvb26u1rBM96JZJ8a6q/gMzW51WOeNkycU1k=
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-Microsoft-Exchange-Diagnostics: 1;DM2PR12MB0156;20:PI0cgsJrGDgX02IqLHzbGPknwgE52cdhvF6gL+aZQ5oPtPiLoCYb5/pr9jpiCLAwDTXKZjVIzF55T4evxKB7UGTDvWxocbpQzsxqsCGq9KSMV39Sv7X6ETkdWkQ4uBEMJ8Jv0jhHx+SAdvuGGvd/rye7p13WG2JmSaPeb0lUhD4Eq2hFdzNkmi+7O/UGmICc4famZhtEkQH+1SagwpoW4//GNTHcU76zFEktKAkac4fQicG2KfShpg1xHc72Ynjy
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Sep 2017 18:23:12.7892 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM2PR12MB0156
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1893
Lines: 83



On 09/13/2017 12:25 PM, Borislav Petkov wrote:
...

>> +static void sev_deactivate_handle(struct kvm *kvm, int *error);
>> +static void sev_decommission_handle(struct kvm *kvm, int *error);
> 
> Please move code in a way that you don't need those forward
> declarations. Also, I'm wondering if having all the SEV-related code
> could live in sev.c or so - svm.c is humongous.
> 


Yes, svm.c is humongous.


...

>> +
>> +static void sev_decommission_handle(struct kvm *kvm, int *error)
>> +{
>> +	struct sev_data_decommission *data;
>> +
>> +	data = kzalloc(sizeof(*data), GFP_KERNEL);
> 
> Also, better on stack. Please do that for the other functions below too.


Yes, some structures are small and I don't expect them to grow in newer API
spec. We should be able to move them on the stack. I will audit the code and
make the necessary changes.


....

>> +	ret = -EFAULT;
>> +	if (copy_from_user(&params, (void *)argp->data,
>> +				sizeof(struct kvm_sev_launch_start)))
> 
> Sanity-check params. This is especially important if later we start
> using reserved fields.
> 

Yes, I will add some upper bound check on the length field and add the
sanity-check just after copying the parameters from userspace


...

>> +		goto e_free;
>> +
>> +	ret = -ENOMEM;
>> +	start = kzalloc(sizeof(*start), GFP_KERNEL);
>> +	if (!start)
>> +		goto e_free;
>> +
>> +	/* Bit 15:6 reserved, must be 0 */
>> +	start->policy = params.policy & ~0xffc0;
>> +
>> +	if (params.dh_cert_length && params.dh_cert_address) {
> 
> Yeah, we talked about this already: sanity-checking needed. But you get
> the idea.
> 

Will do

...

> 
>                  if (copy_from_user(session_addr,
> 				   (void *)params.session_address,
> 				   params.session_length))
> 
> reads better to me. Better yet if you shorten those member names into
> s_addr and s_len and so on...
> 
> 

Will use your recommendation.

thanks