Date: Thu, 7 Jan 2021 18:51:07 -0800
Message-Id: <20210108025107.1223487-1-baekhw@google.com>
Subject: [PATCH] x86/sev-es: Fix SEV-ES #VC handler for string port IO
From: "Hyunwook (Wooky) Baek"
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov
Cc: Joerg Roedel, Tom Lendacky, David Rientjes, Sean Christopherson, linux-kernel@vger.kernel.org, x86@kernel.org, "Hyunwook (Wooky) Baek"
X-Mailing-List: linux-kernel@vger.kernel.org

Don't assume dest/source buffers are userspace addresses when manually copying data for string I/O or MOVS MMIO, as {get,put}_user() will fail if handed a kernel address and ultimately lead to a kernel panic.

Signed-off-by: Hyunwook (Wooky) Baek
Acked-by: David Rientjes

--- arch/x86/kernel/sev-es.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/arch/x86/kernel/sev-es.c b/arch/x86/kernel/sev-es.c index 0bd1a0fc587e..812494d216ba 100644 --- a/arch/x86/kernel/sev-es.c +++ b/arch/x86/kernel/sev-es.c
@@ -286,6 +286,12 @@ static enum es_result vc_write_mem(struct es_em_ctxt *ctxt, u16 d2; u8 d1; + /* If instruction ran in kernel mode and the I/O buffer is in kernel space */ + if (!user_mode(ctxt->regs) && !access_ok(s, size)) { + memcpy(dst, buf, size); + return ES_OK; + } + switch (size) { case 1: memcpy(&d1, buf, 1); @@ -335,6 +341,12 @@ static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, u16 d2; u8 d1; + /* If instruction ran in kernel mode and the I/O buffer is in kernel space */ + if (!user_mode(ctxt->regs) && !access_ok(s, size)) { + memcpy(buf, src, size); + return ES_OK; + } + switch (size) { case 1: if (get_user(d1, s)) -- 2.29.2.729.g45daf8777d-goog
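
Review bot: In the vc_write_mem() hunk the new condition calls access_ok(s, size), but the copy that follows writes through dst, and no variable named s appears in the context shown for this function. The range check should be made on the same pointer that is written, so please confirm what the destination pointer is called in vc_write_mem() and use it in the access_ok() call; as posted, the check and the memcpy(dst, buf, size) do not visibly refer to the same address.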
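
Review bot: In the vc_read_mem() hunk the kernel-mode path does a plain memcpy(buf, src, size) and returns ES_OK unconditionally, while the existing path just below checks the result of get_user(d1, s) and can report a failure. A false access_ok(s, size) only says the range is not a valid user range; it does not show that src is mapped kernel memory, so a bad address would fault inside the #VC handler with no error return. Consider a fault-tolerant copy such as copy_from_kernel_nofault() here (and copy_to_kernel_nofault() in the write path), with a failure mapped to the same error result the get_user() path produces. The comment should also say that the early return bypasses the switch (size) below and therefore accepts any size.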