• Sean Christopherson's avatar
    crypto: ccp: Reject SEV commands with mismatching command buffer · d5760dee
    Sean Christopherson authored
    WARN on and reject SEV commands that provide a valid data pointer, but do
    not have a known, non-zero length.  And conversely, reject commands that
    take a command buffer but none is provided (data is null).
    
    Aside from sanity checking input, disallowing a non-null pointer without
    a non-zero size will allow a future patch to cleanly handle vmalloc'd
    data by copying the data to an internal __pa() friendly buffer.
    
    Note, this also effectively prevents callers from using commands that
    have a non-zero length and are not known to the kernel.  This is not an
    explicit goal, but arguably the side effect is a good thing from the
    kernel's perspective.
    
    Cc: Brijesh Singh <brijesh.singh@amd.com>
    Cc: Borislav Petkov <bp@suse.de>
    Cc: Tom Lendacky <thomas.lendacky@amd.com>
    Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
    Message-Id: <20210406224952.4177376-4-seanjc@google.com>
    Reviewed-by: default avatarBrijesh Singh <brijesh.singh@amd.com>
    Acked-by: default avatarTom Lendacky <thomas.lendacky@amd.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    d5760dee
sev-dev.c 26.9 KB