Message ID | 20200604080941.GA8278@gondor.apana.org.au (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Herbert Xu |
Series | crypto: ccp - Fix sparse warnings in sev-dev | expand |
+ Tom. On Thu, Jun 04, 2020 at 06:09:41PM +1000, Herbert Xu wrote: > This patch fixes a bunch of sparse warnings in sev-dev where the > __user marking is incorrectly handled. > > Reported-by: kbuild test robot <lkp@intel.com> > Fixes: 7360e4b14350 ("crypto: ccp: Implement SEV_PEK_CERT_IMPORT...") > Fixes: e799035609e1 ("crypto: ccp: Implement SEV_PEK_CSR ioctl...") > Fixes: 76a2b524a4b1 ("crypto: ccp - introduce SEV_GET_ID2 command") > Fixes: d6112ea0cb34 ("crypto: ccp - introduce SEV_GET_ID2 command") > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> > > diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c > index 439cd737076e..aa576529283b 100644 > --- a/drivers/crypto/ccp/sev-dev.c > +++ b/drivers/crypto/ccp/sev-dev.c > @@ -376,6 +376,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > struct sev_device *sev = psp_master->sev_data; > struct sev_user_data_pek_csr input; > struct sev_data_pek_csr *data; > + void __user *input_address; > void *blob = NULL; > int ret; > > @@ -394,7 +395,8 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > goto cmd; > > /* allocate a physically contiguous buffer to store the CSR blob */ > - if (!access_ok(input.address, input.length) || > + input_address = (void __user *)input.address; > + if (!access_ok(input_address, input.length) || > input.length > SEV_FW_BLOB_MAX_SIZE) { > ret = -EFAULT; > goto e_free; > @@ -427,7 +429,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > } > > if (blob) { > - if (copy_to_user((void __user *)input.address, blob, input.length)) > + if (copy_to_user(input_address, blob, input.length)) > ret = -EFAULT; > } > > @@ -438,7 +440,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > return ret; > } > > -void *psp_copy_user_blob(u64 __user uaddr, u32 len) > +void *psp_copy_user_blob(u64 uaddr, u32 len) > { > if (!uaddr || !len) > return ERR_PTR(-EINVAL); 
> @@ -447,7 +449,7 @@ void *psp_copy_user_blob(u64 __user uaddr, u32 len) > if (len > SEV_FW_BLOB_MAX_SIZE) > return ERR_PTR(-EINVAL); > > - return memdup_user((void __user *)(uintptr_t)uaddr, len); > + return memdup_user((void __user *)uaddr, len); > } > EXPORT_SYMBOL_GPL(psp_copy_user_blob); > > @@ -622,6 +624,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) > { > struct sev_user_data_get_id2 input; > struct sev_data_get_id *data; > + void __user *input_address; > void *id_blob = NULL; > int ret; > > @@ -633,9 +636,10 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) > return -EFAULT; > > /* Check if we have write access to the userspace buffer */ > + input_address = (void __user *)input.address; > if (input.address && > input.length && > - !access_ok(input.address, input.length)) > + !access_ok(input_address, input.length)) > return -EFAULT; > > data = kzalloc(sizeof(*data), GFP_KERNEL); > @@ -667,8 +671,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) > } > > if (id_blob) { > - if (copy_to_user((void __user *)input.address, > - id_blob, data->len)) { > + if (copy_to_user(input_address, id_blob, data->len)) { > ret = -EFAULT; > goto e_free; > } > @@ -727,6 +730,8 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > struct sev_user_data_pdh_cert_export input; > void *pdh_blob = NULL, *cert_blob = NULL; > struct sev_data_pdh_cert_export *data; > + void __user *input_cert_chain_address; > + void __user *input_pdh_cert_address; > int ret; > > /* If platform is not in INIT state then transition it to INIT. */ 
> @@ -752,16 +757,19 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > !input.cert_chain_address) > goto cmd; > > + input_pdh_cert_address = (void __user *)input.pdh_cert_address; > + input_cert_chain_address = (void __user *)input.cert_chain_address; > + > /* Allocate a physically contiguous buffer to store the PDH blob. */ > if ((input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) || > - !access_ok(input.pdh_cert_address, input.pdh_cert_len)) { > + !access_ok(input_pdh_cert_address, input.pdh_cert_len)) { > ret = -EFAULT; > goto e_free; > } > > /* Allocate a physically contiguous buffer to store the cert chain blob. */ > if ((input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) || > - !access_ok(input.cert_chain_address, input.cert_chain_len)) { > + !access_ok(input_cert_chain_address, input.cert_chain_len)) { > ret = -EFAULT; > goto e_free; > } > @@ -797,7 +805,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > } > > if (pdh_blob) { > - if (copy_to_user((void __user *)input.pdh_cert_address, > + if (copy_to_user(input_pdh_cert_address, > pdh_blob, input.pdh_cert_len)) { > ret = -EFAULT; > goto e_free_cert; > @@ -805,7 +813,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > } > > if (cert_blob) { > - if (copy_to_user((void __user *)input.cert_chain_address, > + if (copy_to_user(input_cert_chain_address, > cert_blob, input.cert_chain_len)) > ret = -EFAULT; > } > diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h > index 7fbc8679145c..49d155cd2dfe 100644 > --- a/include/linux/psp-sev.h > +++ b/include/linux/psp-sev.h 
> @@ -597,7 +597,7 @@ int sev_guest_df_flush(int *error); > */ > int sev_guest_decommission(struct sev_data_decommission *data, int *error); > > -void *psp_copy_user_blob(u64 __user uaddr, u32 len); > +void *psp_copy_user_blob(u64 uaddr, u32 len); > > #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ > > -- > Email: Herbert Xu <herbert@gondor.apana.org.au> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On 6/4/20 3:09 AM, Herbert Xu wrote: > This patch fixes a bunch of sparse warnings in sev-dev where the > __user marking is incorrectly handled. > > Reported-by: kbuild test robot <lkp@intel.com> > Fixes: 7360e4b14350 ("crypto: ccp: Implement SEV_PEK_CERT_IMPORT...") > Fixes: e799035609e1 ("crypto: ccp: Implement SEV_PEK_CSR ioctl...") > Fixes: 76a2b524a4b1 ("crypto: ccp - introduce SEV_GET_ID2 command") > Fixes: d6112ea0cb34 ("crypto: ccp - introduce SEV_GET_ID2 command") > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Reviewed-by: Brijesh Singh <brijesh.singh@amd.com> thanks > diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c > index 439cd737076e..aa576529283b 100644 > --- a/drivers/crypto/ccp/sev-dev.c > +++ b/drivers/crypto/ccp/sev-dev.c > @@ -376,6 +376,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > struct sev_device *sev = psp_master->sev_data; > struct sev_user_data_pek_csr input; > struct sev_data_pek_csr *data; > + void __user *input_address; > void *blob = NULL; > int ret; > > @@ -394,7 +395,8 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > goto cmd; > > /* allocate a physically contiguous buffer to store the CSR blob */ > - if (!access_ok(input.address, input.length) || > + input_address = (void __user *)input.address; > + if (!access_ok(input_address, input.length) || > input.length > SEV_FW_BLOB_MAX_SIZE) { > ret = -EFAULT; > goto e_free; > @@ -427,7 +429,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > } > > if (blob) { > - if (copy_to_user((void __user *)input.address, blob, input.length)) > + if (copy_to_user(input_address, blob, input.length)) > ret = -EFAULT; > } 
> > @@ -438,7 +440,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) > return ret; > } > > -void *psp_copy_user_blob(u64 __user uaddr, u32 len) > +void *psp_copy_user_blob(u64 uaddr, u32 len) > { > if (!uaddr || !len) > return ERR_PTR(-EINVAL); > @@ -447,7 +449,7 @@ void *psp_copy_user_blob(u64 __user uaddr, u32 len) > if (len > SEV_FW_BLOB_MAX_SIZE) > return ERR_PTR(-EINVAL); > > - return memdup_user((void __user *)(uintptr_t)uaddr, len); > + return memdup_user((void __user *)uaddr, len); > } > EXPORT_SYMBOL_GPL(psp_copy_user_blob); > > @@ -622,6 +624,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) > { > struct sev_user_data_get_id2 input; > struct sev_data_get_id *data; > + void __user *input_address; > void *id_blob = NULL; > int ret; > > @@ -633,9 +636,10 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) > return -EFAULT; > > /* Check if we have write access to the userspace buffer */ > + input_address = (void __user *)input.address; > if (input.address && > input.length && > - !access_ok(input.address, input.length)) > + !access_ok(input_address, input.length)) > return -EFAULT; > > data = kzalloc(sizeof(*data), GFP_KERNEL); > @@ -667,8 +671,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) > } > > if (id_blob) { > - if (copy_to_user((void __user *)input.address, > - id_blob, data->len)) { > + if (copy_to_user(input_address, id_blob, data->len)) { > ret = -EFAULT; > goto e_free; > } > @@ -727,6 +730,8 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > struct sev_user_data_pdh_cert_export input; > void *pdh_blob = NULL, *cert_blob = NULL; > struct sev_data_pdh_cert_export *data; > + void __user *input_cert_chain_address; > + void __user *input_pdh_cert_address; > int ret; > > /* If platform is not in INIT state then transition it to INIT. */ 
> @@ -752,16 +757,19 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > !input.cert_chain_address) > goto cmd; > > + input_pdh_cert_address = (void __user *)input.pdh_cert_address; > + input_cert_chain_address = (void __user *)input.cert_chain_address; > + > /* Allocate a physically contiguous buffer to store the PDH blob. */ > if ((input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) || > - !access_ok(input.pdh_cert_address, input.pdh_cert_len)) { > + !access_ok(input_pdh_cert_address, input.pdh_cert_len)) { > ret = -EFAULT; > goto e_free; > } > > /* Allocate a physically contiguous buffer to store the cert chain blob. */ > if ((input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) || > - !access_ok(input.cert_chain_address, input.cert_chain_len)) { > + !access_ok(input_cert_chain_address, input.cert_chain_len)) { > ret = -EFAULT; > goto e_free; > } > @@ -797,7 +805,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > } > > if (pdh_blob) { > - if (copy_to_user((void __user *)input.pdh_cert_address, > + if (copy_to_user(input_pdh_cert_address, > pdh_blob, input.pdh_cert_len)) { > ret = -EFAULT; > goto e_free_cert; > @@ -805,7 +813,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) > } > > if (cert_blob) { > - if (copy_to_user((void __user *)input.cert_chain_address, > + if (copy_to_user(input_cert_chain_address, > cert_blob, input.cert_chain_len)) > ret = -EFAULT; > } > diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h > index 7fbc8679145c..49d155cd2dfe 100644 > --- a/include/linux/psp-sev.h > +++ b/include/linux/psp-sev.h > @@ -597,7 +597,7 @@ int sev_guest_df_flush(int *error); > */ > int sev_guest_decommission(struct sev_data_decommission *data, int *error); > > -void *psp_copy_user_blob(u64 __user uaddr, u32 len); > +void *psp_copy_user_blob(u64 uaddr, u32 len); > > #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ >
On 6/4/20 4:04 AM, Borislav Petkov wrote: > + Tom. > > On Thu, Jun 04, 2020 at 06:09:41PM +1000, Herbert Xu wrote: >> This patch fixes a bunch of sparse warnings in sev-dev where the >> __user marking is incorrectly handled. >> >> Reported-by: kbuild test robot <lkp@intel.com> >> Fixes: 7360e4b14350 ("crypto: ccp: Implement SEV_PEK_CERT_IMPORT...") >> Fixes: e799035609e1 ("crypto: ccp: Implement SEV_PEK_CSR ioctl...") >> Fixes: 76a2b524a4b1 ("crypto: ccp - introduce SEV_GET_ID2 command") >> Fixes: d6112ea0cb34 ("crypto: ccp - introduce SEV_GET_ID2 command") >> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Tom Lendacky <thomas.lendacky@amd.com> >> >> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c >> index 439cd737076e..aa576529283b 100644 >> --- a/drivers/crypto/ccp/sev-dev.c >> +++ b/drivers/crypto/ccp/sev-dev.c >> @@ -376,6 +376,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) >> struct sev_device *sev = psp_master->sev_data; >> struct sev_user_data_pek_csr input; >> struct sev_data_pek_csr *data; >> + void __user *input_address; >> void *blob = NULL; >> int ret; >> >> @@ -394,7 +395,8 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) >> goto cmd; >> >> /* allocate a physically contiguous buffer to store the CSR blob */ >> - if (!access_ok(input.address, input.length) || >> + input_address = (void __user *)input.address; >> + if (!access_ok(input_address, input.length) || >> input.length > SEV_FW_BLOB_MAX_SIZE) { >> ret = -EFAULT; >> goto e_free; >> @@ -427,7 +429,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) >> } >> >> if (blob) { >> - if (copy_to_user((void __user *)input.address, blob, input.length)) >> + if (copy_to_user(input_address, blob, input.length)) >> ret = -EFAULT; >> } 
>> >> @@ -438,7 +440,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) >> return ret; >> } >> >> -void *psp_copy_user_blob(u64 __user uaddr, u32 len) >> +void *psp_copy_user_blob(u64 uaddr, u32 len) >> { >> if (!uaddr || !len) >> return ERR_PTR(-EINVAL); >> @@ -447,7 +449,7 @@ void *psp_copy_user_blob(u64 __user uaddr, u32 len) >> if (len > SEV_FW_BLOB_MAX_SIZE) >> return ERR_PTR(-EINVAL); >> >> - return memdup_user((void __user *)(uintptr_t)uaddr, len); >> + return memdup_user((void __user *)uaddr, len); >> } >> EXPORT_SYMBOL_GPL(psp_copy_user_blob); >> >> @@ -622,6 +624,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) >> { >> struct sev_user_data_get_id2 input; >> struct sev_data_get_id *data; >> + void __user *input_address; >> void *id_blob = NULL; >> int ret; >> >> @@ -633,9 +636,10 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) >> return -EFAULT; >> >> /* Check if we have write access to the userspace buffer */ >> + input_address = (void __user *)input.address; >> if (input.address && >> input.length && >> - !access_ok(input.address, input.length)) >> + !access_ok(input_address, input.length)) >> return -EFAULT; >> >> data = kzalloc(sizeof(*data), GFP_KERNEL); >> @@ -667,8 +671,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) >> } >> >> if (id_blob) { >> - if (copy_to_user((void __user *)input.address, >> - id_blob, data->len)) { >> + if (copy_to_user(input_address, id_blob, data->len)) { >> ret = -EFAULT; >> goto e_free; >> } >> @@ -727,6 +730,8 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) >> struct sev_user_data_pdh_cert_export input; >> void *pdh_blob = NULL, *cert_blob = NULL; >> struct sev_data_pdh_cert_export *data; >> + void __user *input_cert_chain_address; >> + void __user *input_pdh_cert_address; >> int ret; >> >> /* If platform is not in INIT state then transition it to INIT. */ 
>> @@ -752,16 +757,19 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) >> !input.cert_chain_address) >> goto cmd; >> >> + input_pdh_cert_address = (void __user *)input.pdh_cert_address; >> + input_cert_chain_address = (void __user *)input.cert_chain_address; >> + >> /* Allocate a physically contiguous buffer to store the PDH blob. */ >> if ((input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) || >> - !access_ok(input.pdh_cert_address, input.pdh_cert_len)) { >> + !access_ok(input_pdh_cert_address, input.pdh_cert_len)) { >> ret = -EFAULT; >> goto e_free; >> } >> >> /* Allocate a physically contiguous buffer to store the cert chain blob. */ >> if ((input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) || >> - !access_ok(input.cert_chain_address, input.cert_chain_len)) { >> + !access_ok(input_cert_chain_address, input.cert_chain_len)) { >> ret = -EFAULT; >> goto e_free; >> } >> @@ -797,7 +805,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) >> } >> >> if (pdh_blob) { >> - if (copy_to_user((void __user *)input.pdh_cert_address, >> + if (copy_to_user(input_pdh_cert_address, >> pdh_blob, input.pdh_cert_len)) { >> ret = -EFAULT; >> goto e_free_cert; >> @@ -805,7 +813,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) >> } >> >> if (cert_blob) { >> - if (copy_to_user((void __user *)input.cert_chain_address, >> + if (copy_to_user(input_cert_chain_address, >> cert_blob, input.cert_chain_len)) >> ret = -EFAULT; >> } >> diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h >> index 7fbc8679145c..49d155cd2dfe 100644 >> --- a/include/linux/psp-sev.h >> +++ b/include/linux/psp-sev.h 
>> @@ -597,7 +597,7 @@ int sev_guest_df_flush(int *error); >> */ >> int sev_guest_decommission(struct sev_data_decommission *data, int *error); >> >> -void *psp_copy_user_blob(u64 __user uaddr, u32 len); >> +void *psp_copy_user_blob(u64 uaddr, u32 len); >> >> #else /* !CONFIG_CRYPTO_DEV_SP_PSP */ >> >> -- >> Email: Herbert Xu <herbert@gondor.apana.org.au> >> Home Page: https://nam11.safelinks.protection.outlook.com/?url=http:%2F%2Fgondor.apana.org.au%2F~herbert%2F&data=02%7C01%7Cthomas.lendacky%40amd.com%7Cb8a1d59a9c134071943008d80866470a%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637268582661190553&sdata=ePa5t%2BDK%2F0k9Hu573nxhLbRL15rR7yXVDek%2BiLn59q0%3D&reserved=0 >> PGP Key: https://nam11.safelinks.protection.outlook.com/?url=http:%2F%2Fgondor.apana.org.au%2F~herbert%2Fpubkey.txt&data=02%7C01%7Cthomas.lendacky%40amd.com%7Cb8a1d59a9c134071943008d80866470a%7C3dd8961fe4884e608e11a82d994e183d%7C0%7C0%7C637268582661190553&sdata=dWlePUyxRZVnH%2F6RgU%2FA8E3xwKxuJXCviXYLN1SF%2FQs%3D&reserved=0 >
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c index 439cd737076e..aa576529283b 100644 --- a/drivers/crypto/ccp/sev-dev.c +++ b/drivers/crypto/ccp/sev-dev.c @@ -376,6 +376,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) struct sev_device *sev = psp_master->sev_data; struct sev_user_data_pek_csr input; struct sev_data_pek_csr *data; + void __user *input_address; void *blob = NULL; int ret; @@ -394,7 +395,8 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) goto cmd; /* allocate a physically contiguous buffer to store the CSR blob */ - if (!access_ok(input.address, input.length) || + input_address = (void __user *)input.address; + if (!access_ok(input_address, input.length) || input.length > SEV_FW_BLOB_MAX_SIZE) { ret = -EFAULT; goto e_free; @@ -427,7 +429,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) } if (blob) { - if (copy_to_user((void __user *)input.address, blob, input.length)) + if (copy_to_user(input_address, blob, input.length)) ret = -EFAULT; } @@ -438,7 +440,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) return ret; } -void *psp_copy_user_blob(u64 __user uaddr, u32 len) +void *psp_copy_user_blob(u64 uaddr, u32 len) { if (!uaddr || !len) return ERR_PTR(-EINVAL); @@ -447,7 +449,7 @@ void *psp_copy_user_blob(u64 __user uaddr, u32 len) if (len > SEV_FW_BLOB_MAX_SIZE) return ERR_PTR(-EINVAL); - return memdup_user((void __user *)(uintptr_t)uaddr, len); + return memdup_user((void __user *)uaddr, len); } EXPORT_SYMBOL_GPL(psp_copy_user_blob); @@ -622,6 +624,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) { struct sev_user_data_get_id2 input; struct sev_data_get_id *data; + void __user *input_address; void *id_blob = NULL; int ret; 
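Review bot: In the `@@ -394,7 +395,8 @@` hunk of sev_ioctl_do_pek_csr, `input_address` is assigned only after the `goto cmd;` shown as context, so the new local is left indeterminate on that early path. The later `copy_to_user(input_address, blob, input.length)` sits under `if (blob)`, and `blob` starts as NULL, which presumably keeps the unset pointer from being used, but that coupling is implicit and the function body extends beyond the hunks shown. Initialising at the declaration, `void __user *input_address = NULL;`, or doing the cast before the early exit (as the sev_ioctl_do_get_id2 hunk does ahead of its check) would remove the dependency. The same applies to `input_pdh_cert_address` and `input_cert_chain_address` in the `@@ -752,16 +757,19 @@` hunk, which are also set after a `goto cmd;`.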
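Review bot: Dropping the `(uintptr_t)` step in `memdup_user((void __user *)uaddr, len)` (hunk `@@ -447,7 +449,7 @@`) leaves a direct `u64`-to-pointer cast, which is only size-clean where pointers are 64 bits wide. The sparse complaint appears to come from the `__user` on the `u64` parameter rather than from that intermediate cast, and whether this driver can be built for a narrower target is not visible on this page. `return memdup_user(u64_to_user_ptr(uaddr), len);` keeps the conversion explicit and type-checked. The same helper would fit the `(void __user *)input.address` style casts added in the other hunks, assuming those fields are `u64`.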
@@ -633,9 +636,10 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) return -EFAULT; /* Check if we have write access to the userspace buffer */ + input_address = (void __user *)input.address; if (input.address && input.length && - !access_ok(input.address, input.length)) + !access_ok(input_address, input.length)) return -EFAULT; data = kzalloc(sizeof(*data), GFP_KERNEL); @@ -667,8 +671,7 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) } if (id_blob) { - if (copy_to_user((void __user *)input.address, - id_blob, data->len)) { + if (copy_to_user(input_address, id_blob, data->len)) { ret = -EFAULT; goto e_free; } @@ -727,6 +730,8 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) struct sev_user_data_pdh_cert_export input; void *pdh_blob = NULL, *cert_blob = NULL; struct sev_data_pdh_cert_export *data; + void __user *input_cert_chain_address; + void __user *input_pdh_cert_address; int ret; /* If platform is not in INIT state then transition it to INIT. */ @@ -752,16 +757,19 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) !input.cert_chain_address) goto cmd; + input_pdh_cert_address = (void __user *)input.pdh_cert_address; + input_cert_chain_address = (void __user *)input.cert_chain_address; + /* Allocate a physically contiguous buffer to store the PDH blob. */ if ((input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) || - !access_ok(input.pdh_cert_address, input.pdh_cert_len)) { + !access_ok(input_pdh_cert_address, input.pdh_cert_len)) { ret = -EFAULT; goto e_free; } /* Allocate a physically contiguous buffer to store the cert chain blob. */ if ((input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) || - !access_ok(input.cert_chain_address, input.cert_chain_len)) { + !access_ok(input_cert_chain_address, input.cert_chain_len)) { ret = -EFAULT; goto e_free; } 
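Review bot: In the `@@ -667,8 +671,7 @@` hunk the copy-out length is `data->len`, while the check in the `@@ -633,9 +636,10 @@` hunk validated `input_address` against `input.length`. copy_to_user() performs its own user-range check, so the user side is covered, but nothing visible here bounds `data->len` by the size `id_blob` was allocated with. If that field can come back from the firmware command larger than the request, the copy would read past the kernel buffer and disclose adjacent heap contents. The allocation and the command call lie outside the hunks, so this needs confirming there; making the bound explicit at the copy, e.g. `copy_to_user(input_address, id_blob, min_t(u32, data->len, input.length))`, would close it regardless.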
@@ -797,7 +805,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) } if (pdh_blob) { - if (copy_to_user((void __user *)input.pdh_cert_address, + if (copy_to_user(input_pdh_cert_address, pdh_blob, input.pdh_cert_len)) { ret = -EFAULT; goto e_free_cert; @@ -805,7 +813,7 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) } if (cert_blob) { - if (copy_to_user((void __user *)input.cert_chain_address, + if (copy_to_user(input_cert_chain_address, cert_blob, input.cert_chain_len)) ret = -EFAULT; } diff --git a/include/linux/psp-sev.h b/include/linux/psp-sev.h index 7fbc8679145c..49d155cd2dfe 100644 --- a/include/linux/psp-sev.h +++ b/include/linux/psp-sev.h @@ -597,7 +597,7 @@ int sev_guest_df_flush(int *error); */ int sev_guest_decommission(struct sev_data_decommission *data, int *error); -void *psp_copy_user_blob(u64 __user uaddr, u32 len); +void *psp_copy_user_blob(u64 uaddr, u32 len); #else /* !CONFIG_CRYPTO_DEV_SP_PSP */
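Review bot: With `__user` removed from the prototype `void *psp_copy_user_blob(u64 uaddr, u32 len);` in include/linux/psp-sev.h, nothing at the declaration tells a caller that `uaddr` is a user-space address. No comment is visible on this declaration in the hunk, so a short kernel-doc block would help. It should say that `uaddr` is a user-space pointer carried as a `u64`, that a zero `uaddr` or `len` and a `len` above `SEV_FW_BLOB_MAX_SIZE` are rejected with `ERR_PTR(-EINVAL)`, and that the result otherwise comes from `memdup_user()`. That makes it harder for a caller of this exported helper to pass a kernel address by mistake now that sparse no longer sees an annotation on the parameter.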
This patch fixes a bunch of sparse warnings in sev-dev where the __user marking is incorrectly handled. Reported-by: kbuild test robot <lkp@intel.com> Fixes: 7360e4b14350 ("crypto: ccp: Implement SEV_PEK_CERT_IMPORT...") Fixes: e799035609e1 ("crypto: ccp: Implement SEV_PEK_CSR ioctl...") Fixes: 76a2b524a4b1 ("crypto: ccp - introduce SEV_GET_ID2 command") Fixes: d6112ea0cb34 ("crypto: ccp - introduce SEV_GET_ID2 command") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>