From: David Laight
To: 'Joerg Roedel', "x86@kernel.org", Hyunwook Baek
CC: Joerg Roedel, "stable@vger.kernel.org", "hpa@zytor.com", Andy Lutomirski, Dave Hansen, Peter Zijlstra, Jiri Slaby, Dan Williams, Tom Lendacky, "Juergen Gross", Kees Cook, David Rientjes, Cfir Cohen, Erdem Aktas, Masami Hiramatsu, Mike Stunes, Sean Christopherson, Martin Radev, Arvind Sankar, "linux-coco@lists.linux.dev", "linux-kernel@vger.kernel.org", "kvm@vger.kernel.org", "virtualization@lists.linux-foundation.org"
Subject: RE: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user
Date: Wed, 12 May 2021 08:04:33 +0000
Message-ID: <0496626f018d4d27a8034a4822170222@AcuMS.aculab.com>
References: <20210512075445.18935-1-joro@8bytes.org> <20210512075445.18935-4-joro@8bytes.org>
In-Reply-To: <20210512075445.18935-4-joro@8bytes.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Joerg
> Sent: 12 May 2021 08:55
>
> From: Joerg Roedel
>
> The put_user() and get_user() functions do checks on the address which is
> passed to them. They check whether the address is actually a user-space
> address and whether it's fine to access it. They also call might_fault()
> to indicate that they could fault and possibly sleep.
>
> All of these checks are neither wanted nor required in the #VC exception
> handler, which can be invoked from almost any context and also for MMIO
> instructions from kernel space on kernel memory. All the #VC handler
> wants to know is whether a fault happened when the access was tried.
>
> This is provided by __put_user()/__get_user(), which just do the access
> no matter what.

That can't be right at all.
__put/get_user() are only valid on user addresses and will try to
fault in a missing page - so can sleep.

At best this is abusing the calls.

David

> Fixes: f980f9c31a92 ("x86/sev-es: Compile early handler code into kernel image")
> Cc: stable@vger.kernel.org # v5.10+
> Signed-off-by: Joerg Roedel
> --- > arch/x86/kernel/sev.c | 16 ++++++++-------- > 1 file changed, 8 insertions(+), 8 deletions(-) > > diff --git a/arch/x86/kernel/sev.c b/arch/x86/kernel/sev.c > index 6530a844eb61..110b39345b40 100644 > --- a/arch/x86/kernel/sev.c > +++ b/arch/x86/kernel/sev.c > @@ -342,22 +342,22 @@ static enum es_result vc_write_mem(struct es_em_ctxt *ctxt, > switch (size) { > case 1: > memcpy(&d1, buf, 1); > - if (put_user(d1, target)) > + if (__put_user(d1, target)) > goto fault; > break; > case 2: > memcpy(&d2, buf, 2); > - if (put_user(d2, target)) > + if (__put_user(d2, target)) > goto fault; > break; > case 4: > memcpy(&d4, buf, 4); > - if (put_user(d4, target)) > + if (__put_user(d4, target)) > goto fault; > break; > case 8: > memcpy(&d8, buf, 8); > - if (put_user(d8, target)) > + if (__put_user(d8, target)) > goto fault; > break; > default: 
> @@ -396,22 +396,22 @@ static enum es_result vc_read_mem(struct es_em_ctxt *ctxt, > > switch (size) { > case 1: > - if (get_user(d1, s)) > + if (__get_user(d1, s)) > goto fault; > memcpy(buf, &d1, 1); > break; > case 2: > - if (get_user(d2, s)) > + if (__get_user(d2, s)) > goto fault; > memcpy(buf, &d2, 2); > break; > case 4: > - if (get_user(d4, s)) > + if (__get_user(d4, s)) > goto fault; > memcpy(buf, &d4, 4); > break; > case 8: > - if (get_user(d8, s)) > + if (__get_user(d8, s)) > goto fault; > memcpy(buf, &d8, 8); > break; > -- > 2.31.1
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
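
Review bot: in the vc_write_mem() hunk, the four __put_user() calls no longer get the user-address check or the might_fault() annotation that put_user() supplied, and the hunk carries no comment saying why that is acceptable here. Add a comment above `switch (size)` recording that `target` may be kernel or user memory and that only the fault result is consumed, and say what stops the access from faulting in a missing page and sleeping, which is the objection raised in the reply above.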
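
Review bot: in the vc_read_mem() hunk, `__get_user(d1, s)` and its three siblings read from `s` with no check that it is a user-space address, so when the #VC is raised from user mode nothing visible in this hunk keeps `s` out of kernel memory. Either keep a range check on the user-mode path before the switch, or add a comment pointing to the caller that validates `s`.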