[2/5] x86/sgx: Use memchr_inv() in sgx_validate_secinfo()
diff mbox series

Message ID 20190819152544.7296-3-jarkko.sakkinen@linux.intel.com
State New
Headers show
Series
  • x86/sgx: Improve permission handing
Related show

Commit Message

Jarkko Sakkinen Aug. 19, 2019, 3:25 p.m. UTC
Instead of looping through the array of reserved bytes use memchr_inv()
to check the bytes.

Cc: Sean Christopherson <sean.j.christpherson@intel.com>
Cc: Shay Katz-zamir <shay.katz-zamir@intel.com>
Cc: Serge Ayoun <serge.ayoun@intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 arch/x86/kernel/cpu/sgx/driver/ioctl.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

Comments

Sean Christopherson Aug. 22, 2019, 3:47 a.m. UTC | #1
On Mon, Aug 19, 2019 at 06:25:41PM +0300, Jarkko Sakkinen wrote:
> Instead of looping through the array of reserved bytes use memchr_inv()
> to check the bytes.
> 
> Cc: Sean Christopherson <sean.j.christpherson@intel.com>
> Cc: Shay Katz-zamir <shay.katz-zamir@intel.com>
> Cc: Serge Ayoun <serge.ayoun@intel.com>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
>  arch/x86/kernel/cpu/sgx/driver/ioctl.c | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/sgx/driver/ioctl.c b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
> index 64d3286f3324..d5f326411df0 100644
> --- a/arch/x86/kernel/cpu/sgx/driver/ioctl.c
> +++ b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
> @@ -414,7 +414,6 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo)
>  {
>  	u64 page_type = secinfo->flags & SGX_SECINFO_PAGE_TYPE_MASK;
>  	u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK;
> -	int i;
>  
>  	if ((secinfo->flags & SGX_SECINFO_RESERVED_MASK) ||
>  	    ((perm & SGX_SECINFO_W) && !(perm & SGX_SECINFO_R)) ||
> @@ -422,9 +421,8 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo)
>  	     page_type != SGX_SECINFO_REG))
>  		return -EINVAL;
>  
> -	for (i = 0; i < SGX_SECINFO_RESERVED_SIZE; i++)
> -		if (secinfo->reserved[i])
> -			return -EINVAL;
> +	if (memchr_inv(secinfo->reserved, 0, SGX_SECINFO_RESERVED_SIZE))

Doing 'sizeof(secinfo->reserved)' would be preferable, that way we're not
dependent on SGX_SECINFO_RESERVED_SIZE being in bytes (I had to check).

Obviously not in this patch, but the same cleanup can be applied to
sgx_validate_secs().

> +		return -EINVAL;
>  
>  	return 0;
>  }
> -- 
> 2.20.1
>
Jarkko Sakkinen Aug. 22, 2019, 4:20 p.m. UTC | #2
On Wed, 2019-08-21 at 20:47 -0700, Sean Christopherson wrote:
> > +	if (memchr_inv(secinfo->reserved, 0, SGX_SECINFO_RESERVED_SIZE))
> 
> Doing 'sizeof(secinfo->reserved)' would be preferable, that way we're not
> dependent on SGX_SECINFO_RESERVED_SIZE being in bytes (I had to check).
> 
> Obviously not in this patch, but the same cleanup can be applied to
> sgx_validate_secs().

Thanks for the valid remark, I squashed with that change. I also
edited prepending commit and removed the constant altogether.

/Jarkko

Patch
diff mbox series

diff --git a/arch/x86/kernel/cpu/sgx/driver/ioctl.c b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
index 64d3286f3324..d5f326411df0 100644
--- a/arch/x86/kernel/cpu/sgx/driver/ioctl.c
+++ b/arch/x86/kernel/cpu/sgx/driver/ioctl.c
@@ -414,7 +414,6 @@  static int sgx_validate_secinfo(struct sgx_secinfo *secinfo)
 {
 	u64 page_type = secinfo->flags & SGX_SECINFO_PAGE_TYPE_MASK;
 	u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK;
-	int i;
 
 	if ((secinfo->flags & SGX_SECINFO_RESERVED_MASK) ||
 	    ((perm & SGX_SECINFO_W) && !(perm & SGX_SECINFO_R)) ||
@@ -422,9 +421,8 @@  static int sgx_validate_secinfo(struct sgx_secinfo *secinfo)
 	     page_type != SGX_SECINFO_REG))
 		return -EINVAL;
 
-	for (i = 0; i < SGX_SECINFO_RESERVED_SIZE; i++)
-		if (secinfo->reserved[i])
-			return -EINVAL;
+	if (memchr_inv(secinfo->reserved, 0, SGX_SECINFO_RESERVED_SIZE))
+		return -EINVAL;
 
 	return 0;
 }