Date: Thu, 17 Nov 2022 09:51:25 -0800
From: Isaku Yamahata
To: "Wang, Lei"
Cc: isaku.yamahata@intel.com, kvm@vger.kernel.org, linux-kernel@vger.kernel.org, isaku.yamahata@gmail.com, Paolo Bonzini, erdemaktas@google.com, Sean Christopherson, Sagi Shahar, David Matlack, Xiaoyao Li
Subject: Re: [PATCH v10 021/108] KVM: TDX: initialize VM with TDX specific parameters
Message-ID: <20221117175125.GF2350331@ls.amr.corp.intel.com>

On Wed, Nov 16, 2022 at 01:34:46PM +0800, "Wang, Lei" wrote:
> > @@ -431,50 +633,65 @@ int tdx_vm_init(struct kvm *kvm) > > return ret; > > } > > > > -int tdx_dev_ioctl(void __user *argp) > > +static int tdx_td_init(struct kvm *kvm, struct kvm_tdx_cmd *cmd) > > { > > - struct kvm_tdx_capabilities __user *user_caps; > > - struct kvm_tdx_capabilities caps; > > - struct kvm_tdx_cmd cmd; > > + struct kvm_tdx *kvm_tdx = to_kvm_tdx(kvm); > > + struct kvm_tdx_init_vm *init_vm = NULL; > > + struct td_params *td_params = NULL; > > + void *entries_end; > > + int ret; > > > > - BUILD_BUG_ON(sizeof(struct kvm_tdx_cpuid_config) != > > - sizeof(struct tdx_cpuid_config)); > > + BUILD_BUG_ON(sizeof(*init_vm) != 16 * 1024); > > + BUILD_BUG_ON((sizeof(*init_vm) - offsetof(typeof(*init_vm), entries)) / > > + sizeof(init_vm->entries[0]) < KVM_MAX_CPUID_ENTRIES); > > + BUILD_BUG_ON(sizeof(struct td_params) != 1024); > > > > - if (copy_from_user(&cmd, argp, sizeof(cmd))) > > - return -EFAULT; > > - if (cmd.flags || cmd.error || cmd.unused) > > + if (is_td_initialized(kvm)) > > return -EINVAL; > > - /* > > - * Currently only KVM_TDX_CAPABILITIES is defined for system-scoped > > - * mem_enc_ioctl(). > > - */ > > - if (cmd.id != KVM_TDX_CAPABILITIES) > > + > > + if (cmd->flags) > > return -EINVAL; > > > > - user_caps = (void __user *)cmd.data; > > - if (copy_from_user(&caps, user_caps, sizeof(caps))) > > - return -EFAULT; > > + init_vm = kzalloc(sizeof(*init_vm), GFP_KERNEL); > > + if (copy_from_user(init_vm, (void __user *)cmd->data, sizeof(*init_vm))) { > > Pointer 'init_vm' returned from call to function 'kzalloc' may be NULL and will > be dereferenced at this line. > > Maybe a NULL-check here is needed? Yes, thank you for catching it. Thanks, -- Isaku Yamahata
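
Review bot: In tdx_td_init(), the pointer returned by kzalloc(sizeof(*init_vm), GFP_KERNEL) is handed directly to copy_from_user() as the destination without a NULL check, so an allocation failure turns into a kernel write through a NULL pointer instead of an error return. Add `if (!init_vm) return -ENOMEM;` between the kzalloc() and the copy_from_user() call. The two early `return -EINVAL` exits (is_td_initialized() and cmd->flags) sit before the allocation and leak nothing, but every exit after it has to free init_vm; since init_vm and td_params are both initialised to NULL, one cleanup label that calls kfree() on each would cover all later paths, because kfree(NULL) is a no-op.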