From: Siddharth Chandrasekaran
To: Paolo Bonzini, Sean Christopherson, Vitaly Kuznetsov, Wanpeng Li, Jim Mattson, Joerg Roedel, Thomas Gleixner, Ingo Molnar, Borislav Petkov, "H. Peter Anvin"
CC: Siddharth Chandrasekaran
Subject: [PATCH v2] KVM: x86: Hoist input checks in kvm_add_msr_filter()
Date: Tue, 4 May 2021 10:25:59 +0200
Message-ID: <20210504082600.3668-1-sidcha@amazon.de>
X-Mailing-List: linux-kernel@vger.kernel.org

In ioctl KVM_X86_SET_MSR_FILTER, input from user space is validated after a memdup_user(). For invalid inputs we'd memdup and then call kfree unnecessarily. Hoist input validation to avoid kfree altogether.

Signed-off-by: Siddharth Chandrasekaran

--- arch/x86/kvm/x86.c | 26 +++++++------------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c index ee0dc58ac3a5..c4fc0c46927a 100644 --- a/arch/x86/kvm/x86.c +++ b/arch/x86/kvm/x86.c @@ -5390,14 +5390,18 @@ static void kvm_free_msr_filter(struct kvm_x86_msr_filter *msr_filter) static int kvm_add_msr_filter(struct kvm_x86_msr_filter *msr_filter, struct kvm_msr_filter_range *user_range) { - struct msr_bitmap_range range; unsigned long *bitmap = NULL; size_t bitmap_size; - int r; if (!user_range->nmsrs) return 0; + if (user_range->flags & ~(KVM_MSR_FILTER_READ | KVM_MSR_FILTER_WRITE)) + return -EINVAL; + + if (!user_range->flags) + return -EINVAL; + bitmap_size = BITS_TO_LONGS(user_range->nmsrs) * sizeof(long); if (!bitmap_size || bitmap_size > KVM_MSR_FILTER_MAX_BITMAP_SIZE) return -EINVAL; 
@@ -5406,31 +5410,15 @@ static int kvm_add_msr_filter(struct kvm_x86_msr_filter *msr_filter, if (IS_ERR(bitmap)) return PTR_ERR(bitmap); - range = (struct msr_bitmap_range) { + msr_filter->ranges[msr_filter->count] = (struct msr_bitmap_range) { .flags = user_range->flags, .base = user_range->base, .nmsrs = user_range->nmsrs, .bitmap = bitmap, }; - - if (range.flags & ~(KVM_MSR_FILTER_READ | KVM_MSR_FILTER_WRITE)) { - r = -EINVAL; - goto err; - } - - if (!range.flags) { - r = -EINVAL; - goto err; - } - - /* Everything ok, add this range identifier. */ - msr_filter->ranges[msr_filter->count] = range; msr_filter->count++; return 0; -err: - kfree(bitmap); - return r; } static int kvm_vm_ioctl_set_msr_filter(struct kvm *kvm, void __user *argp) -- 2.17.1
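
Review bot: in the first hunk (@@ -5390), the hoisted flag checks sit below the `if (!user_range->nmsrs) return 0;` early return, so a range with nmsrs == 0 and unknown or empty flags is still accepted with 0 rather than -EINVAL. That matches the pre-patch ordering, but if empty ranges are meant to skip flag validation, say so in a comment or in the commit message; otherwise move the flag checks above the nmsrs test. The two checks also return the same error and could be folded into a single condition.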
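
Review bot: in the second hunk (@@ -5406), dropping the `err:` label means nothing frees `bitmap` once the `IS_ERR(bitmap)` test has passed, which is correct only while the assignment into `msr_filter->ranges[msr_filter->count]` is the sole step that follows. A one-line comment above that assignment stating that no failure path may be added after the allocation without restoring the kfree would keep a later change from introducing a leak. The hoisting also changes which error wins for doubly invalid input: bad flags now return -EINVAL before the `PTR_ERR(bitmap)` path is reached, which deserves a sentence in the commit message.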