Received: by 2002:a05:6a10:2785:0:0:0:0 with SMTP id ia5csp467123pxb; Fri, 8 Jan 2021 09:23:48 -0800 (PST) X-Google-Smtp-Source: ABdhPJy/ejuMBMMR+0/l91+uhP/cQjoPO3y4x4MSJNZ7LrLhXZsOqBQsNMtSG9uW8Nx9zTfON3o7 X-Received: by 2002:a17:906:5fc9:: with SMTP id k9mr3201072ejv.70.1610126627951; Fri, 08 Jan 2021 09:23:47 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610126627; cv=none; d=google.com; s=arc-20160816; b=suMEBt/56Ph6NsO6Eoa8LgI6abcXy6tRb9f/Vr2K6AsUGsct0Dt1FTgM6SffTmwAVz KZuNxCQyuBWhI0fs3uXu8DpbuDIv9zcDLFU/3TjsQ1W6q/6laOO/XP5ae03wsTREz74P ile7y3dDlHuHstb7TvyafO73hY68yuGo4Jad58HYesOsACwxJ7KfzgOV6eQ12wgm+PCp v2pCDKq/4N/pBTYHDPUzpJZF+7a9BM2hGj75qxv3wxa53pWUlTyVXBG1d9hs8Tnk4sXF zj9i2Mty0PsIbBXyChaB5C7YkujvEMPUEh6qIPXJvP+7fXuvCMeadi8cyMbMfUabiS3b ceuQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=cNB3A8JXXFnx2hlchehGk7Dg8xjpACIq7MqfYUDn3ko=; b=Qlx/jBKwIH7ormEPlMtiKqxeB4kuMyyv/n7he3GTJNFGrQuBBxNcpzdyjHBPscVbIM N3nHahN0GUEIcNvf9eir70pZOCs3VsX4QDhOUhSWIX6xnMTpxkKlLgtxcZGoClsLycum 665bdZ5c2eTqG+uHu52SVilwnadC8pwoaY54RwNYEoLz9kQG1l9qXx33ZIrv5WJ39HZb KtAGzFqCDNp9gM5UmxcgaYB3/sp8jlUkLQu1pTPqenkpJdLT6Md/X2fcRUEPD/YofUQn l8w3OiVVy+Az64wZoSKtGYoyFatghYeoTgifAWjtNc6LlwW1kwICkDObgz4sEwJFML/k SMTA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=q7VuqbSO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id gw23si3807851ejb.235.2021.01.08.09.23.23; Fri, 08 Jan 2021 09:23:47 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=dkim header.b=q7VuqbSO; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728268AbhAHRVc (ORCPT + 99 others); Fri, 8 Jan 2021 12:21:32 -0500 Received: from mail.skyhub.de ([5.9.137.197]:36228 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727704AbhAHRVc (ORCPT ); Fri, 8 Jan 2021 12:21:32 -0500 Received: from zn.tnic (p200300ec2f0a31007b8134cbda999f41.dip0.t-ipconnect.de [IPv6:2003:ec:2f0a:3100:7b81:34cb:da99:9f41]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id F1E0A1EC01A8; Fri, 8 Jan 2021 18:20:50 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=dkim; t=1610126451; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:in-reply-to:in-reply-to: references:references; bh=cNB3A8JXXFnx2hlchehGk7Dg8xjpACIq7MqfYUDn3ko=; b=q7VuqbSOvA0HFMW1ffzG8Akn7AZ1WL0hLrfnASBKY2ybetsOdtMY8AqZrfKYF5hpRPsWUw S5gC6KNfYBfQdr5fBOrwNEGrBJX2YThqddZrfGIUzt06OrIrrxFJzL9rLlkQLwjRYkNI/t uFbMqyhJXg5rbDniIk0T+rpBzxFdIb0= Date: Fri, 8 Jan 2021 18:20:49 +0100 From: Borislav Petkov To: "Hyunwook (Wooky) Baek" Cc: Thomas Gleixner , Ingo Molnar , Joerg Roedel , Tom Lendacky , David Rientjes , Sean Christopherson , linux-kernel@vger.kernel.org, x86@kernel.org Subject: Re: [PATCH] x86/sev-es: Fix SEV-ES #VC handler for string port IO Message-ID: <20210108172049.GF4042@zn.tnic> References: <20210108025107.1223487-1-baekhw@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20210108025107.1223487-1-baekhw@google.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jan 07, 2021 at 06:51:07PM -0800, Hyunwook (Wooky) Baek wrote: > Don't assume dest/source buffers are userspace addresses when manually > copying data for string I/O or MOVS MMIO, as {get,put}_user() will fail > if handed a kernel address and ultimately lead to a kernel panic. > > Signed-off-by: Hyunwook (Wooky) Baek > Acked-by: David Rientjes > --- > arch/x86/kernel/sev-es.c | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > > diff --git a/arch/x86/kernel/sev-es.c b/arch/x86/kernel/sev-es.c > index 0bd1a0fc587e..812494d216ba 100644 > --- a/arch/x86/kernel/sev-es.c > +++ b/arch/x86/kernel/sev-es.c > @@ -286,6 +286,12 @@ static enum es_result vc_write_mem(struct es_em_ctxt *ctxt, > u16 d2; > u8 d1; > > + /* If instruction ran in kernel mode and the I/O buffer is in kernel space */ > + if (!user_mode(ctxt->regs) && !access_ok(s, size)) { ^^^ Just by looking at this patch I know you haven't tested it before sending. :-( -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette