diff options
Diffstat (limited to 'meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0088-KVM-SVM-no-need-to-call-access_ok-in-LAUNCH_MEASURE-.patch')
-rw-r--r-- | meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0088-KVM-SVM-no-need-to-call-access_ok-in-LAUNCH_MEASURE-.patch | 92 |
1 files changed, 0 insertions, 92 deletions
diff --git a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0088-KVM-SVM-no-need-to-call-access_ok-in-LAUNCH_MEASURE-.patch b/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0088-KVM-SVM-no-need-to-call-access_ok-in-LAUNCH_MEASURE-.patch deleted file mode 100644 index 5d0f49bf..00000000 --- a/meta-amd-bsp/recipes-kernel/linux/linux-yocto-4.14.71-e3000/0088-KVM-SVM-no-need-to-call-access_ok-in-LAUNCH_MEASURE-.patch +++ /dev/null @@ -1,92 +0,0 @@ -From a63bec5a4d29dba22ee32a0f5af779e17000e415 Mon Sep 17 00:00:00 2001 -From: Brijesh Singh <brijesh.singh@amd.com> -Date: Fri, 23 Feb 2018 12:36:50 -0600 -Subject: [PATCH 88/95] KVM: SVM: no need to call access_ok() in LAUNCH_MEASURE - command -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Using the access_ok() to validate the input before issuing the SEV -command does not buy us anything in this case. If userland is -giving us a garbage pointer then copy_to_user() will catch it when we try -to return the measurement. - -Suggested-by: Al Viro <viro@ZenIV.linux.org.uk> -Fixes: 0d0736f76347 (KVM: SVM: Add support for KVM_SEV_LAUNCH_MEASURE ...) -Cc: Paolo Bonzini <pbonzini@redhat.com> -Cc: Radim Krčmář <rkrcmar@redhat.com> -Cc: Borislav Petkov <bp@suse.de> -Cc: Tom Lendacky <thomas.lendacky@amd.com> -Cc: linux-kernel@vger.kernel.org -Cc: Joerg Roedel <joro@8bytes.org> -Signed-off-by: Brijesh Singh <brijesh.singh@amd.com> -Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> -Signed-off-by: Sudheesh Mavila <sudheesh.mavila@amd.com> ---- - arch/x86/kvm/svm.c | 16 +++++++--------- - 1 file changed, 7 insertions(+), 9 deletions(-) - -diff --git a/arch/x86/kvm/svm.c b/arch/x86/kvm/svm.c -index 399ad5e..8e60fbc 100755 ---- a/arch/x86/kvm/svm.c -+++ b/arch/x86/kvm/svm.c -@@ -6205,16 +6205,18 @@ static int sev_launch_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp) - - static int sev_launch_measure(struct kvm *kvm, struct kvm_sev_cmd *argp) - { -+ void __user *measure = (void __user *)(uintptr_t)argp->data; - struct kvm_sev_info *sev = &kvm->arch.sev_info; - struct sev_data_launch_measure *data; - struct kvm_sev_launch_measure params; -+ void __user *p = NULL; - void *blob = NULL; - int ret; - - if (!sev_guest(kvm)) - return -ENOTTY; - -- if (copy_from_user(¶ms, (void __user *)(uintptr_t)argp->data, sizeof(params))) -+ if (copy_from_user(¶ms, measure, sizeof(params))) - return -EFAULT; - - data = kzalloc(sizeof(*data), GFP_KERNEL); -@@ -6225,17 +6227,13 @@ static int sev_launch_measure(struct kvm *kvm, struct kvm_sev_cmd *argp) - if (!params.len) - goto cmd; - -- if (params.uaddr) { -+ p = (void __user *)(uintptr_t)params.uaddr; -+ if (p) { - if (params.len > SEV_FW_BLOB_MAX_SIZE) { - ret = -EINVAL; - goto e_free; - } - -- if (!access_ok(VERIFY_WRITE, params.uaddr, params.len)) { -- ret = -EFAULT; -- goto e_free; -- } -- - ret = -ENOMEM; - blob = kmalloc(params.len, GFP_KERNEL); - if (!blob) -@@ -6259,13 +6257,13 @@ static int sev_launch_measure(struct kvm *kvm, struct kvm_sev_cmd *argp) - goto e_free_blob; - - if (blob) { -- if (copy_to_user((void __user *)(uintptr_t)params.uaddr, blob, params.len)) -+ if (copy_to_user(p, blob, params.len)) - ret = -EFAULT; - } - - done: - params.len = data->len; -- if (copy_to_user((void __user *)(uintptr_t)argp->data, ¶ms, sizeof(params))) -+ if (copy_to_user(measure, ¶ms, sizeof(params))) - ret = -EFAULT; - e_free_blob: - kfree(blob); --- -2.7.4 - |