From: Peter Gonda
Date: Tue, 12 Nov 2019 14:23:06 -0800
Subject: Re: [PATCH v3 02/11] KVM: SVM: Add KVM_SEND_UPDATE_DATA command
To: "Singh, Brijesh"
Cc: "kvm@vger.kernel.org", Thomas Gleixner, Ingo Molnar, "H. Peter Anvin", Paolo Bonzini, Radim Krčmář, Joerg Roedel, Borislav Petkov, "Lendacky, Thomas", "x86@kernel.org", "linux-kernel@vger.kernel.org"
In-Reply-To: <20190710201244.25195-3-brijesh.singh@amd.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jul 10, 2019 at 1:14 PM Singh, Brijesh wrote: > +static int sev_send_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) > +{ > + struct kvm_sev_info *sev = &to_kvm_svm(kvm)->sev_info; > + struct sev_data_send_update_data *data; > + struct kvm_sev_send_update_data params; > + void *hdr = NULL, *trans_data = NULL; > + struct page **guest_page = NULL; > + unsigned long n; > + int ret, offset; > + > + if (!sev_guest(kvm)) > + return -ENOTTY; > + > + if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, > + sizeof(struct kvm_sev_send_update_data))) > + return -EFAULT; > + > + data = kzalloc(sizeof(*data), GFP_KERNEL); > + if (!data) > + return -ENOMEM; > + > + /* userspace wants to query either header or trans length 
*/ > + if (!params.trans_len || !params.hdr_len) > + goto cmd; > + > + ret = -EINVAL; > + if (!params.trans_uaddr || !params.guest_uaddr || > + !params.guest_len || !params.hdr_uaddr) > + goto e_free; > + > + /* Check if we are crossing the page boundry */ > + ret = -EINVAL; > + offset = params.guest_uaddr & (PAGE_SIZE - 1); > + if ((params.guest_len + offset > PAGE_SIZE)) > + goto e_free; > + > + ret = -ENOMEM; > + hdr = kmalloc(params.hdr_len, GFP_KERNEL); > + if (!hdr) > + goto e_free; Should we be checking params.hdr_len against SEV_FW_BLOB_MAX_SIZE? > + > + data->hdr_address = __psp_pa(hdr); > + data->hdr_len = params.hdr_len; > + > + ret = -ENOMEM; > + trans_data = kmalloc(params.trans_len, GFP_KERNEL); > + if (!trans_data) > + goto e_free; Ditto, should we be checking params.hdr_len against SEV_FW_BLOB_MAX_SIZE?
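Review bot: In sev_send_update_data(), params.hdr_len and params.trans_len are copied in from userspace and passed to kmalloc() with no upper bound, so the caller chooses the size of two kernel allocations. Reject oversized values with -EINVAL before either kmalloc(), for example against SEV_FW_BLOB_MAX_SIZE as raised in this thread; the trans_data buffer is sized by params.trans_len, so that is the field to bound at the second allocation. The early exit `if (!params.trans_len || !params.hdr_len) goto cmd;` is also taken when only one of the two lengths is zero, which skips the address and page-boundary checks while the other length may be non-zero; the comment should state which combinations count as a length query, and the code at the cmd label (not shown in the quoted portion) should not consume the unchecked fields. Minor: `ret = -EINVAL;` is assigned twice in a row ahead of the page-boundary check, and "boundry" in that comment should read "boundary".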