Message ID | 1490794592-15238-1-git-send-email-sean.j.christopherson@intel.com (mailing list archive) |
---|---|
State | New, archived |
On Wed, Mar 29, 2017 at 06:36:32AM -0700, Sean Christopherson wrote: > Arbitrarily de-referencing a task_struct pointer is not safe, even > if a reference to its pid is held. Remove the task_struct pointer > from sgx_encl to remove the temptation to write buggy code. > > Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> Thanks. /Jarkko > --- > drivers/platform/x86/intel_sgx.h | 1 - > drivers/platform/x86/intel_sgx_ioctl.c | 1 - > 2 files changed, 2 deletions(-) > > diff --git a/drivers/platform/x86/intel_sgx.h b/drivers/platform/x86/intel_sgx.h > index adb5b17..30da167 100644 > --- a/drivers/platform/x86/intel_sgx.h > +++ b/drivers/platform/x86/intel_sgx.h > @@ -137,7 +137,6 @@ struct sgx_encl { > unsigned int flags; > unsigned int secs_child_cnt; > struct mutex lock; > - struct task_struct *owner; > struct mm_struct *mm; > struct file *backing; > struct file *pcmd; > diff --git a/drivers/platform/x86/intel_sgx_ioctl.c b/drivers/platform/x86/intel_sgx_ioctl.c > index e0e2f14..7b99aa8 100644 > --- a/drivers/platform/x86/intel_sgx_ioctl.c > +++ b/drivers/platform/x86/intel_sgx_ioctl.c > @@ -531,7 +531,6 @@ static long sgx_ioc_enclave_create(struct file *filep, unsigned int cmd, > mutex_init(&encl->lock); > INIT_WORK(&encl->add_page_work, sgx_add_page_worker); > > - encl->owner = current->group_leader; > encl->mm = current->mm; > encl->base = secs->base; > encl->size = secs->size; > -- > 2.7.4 > > _______________________________________________ > intel-sgx-kernel-dev mailing list > intel-sgx-kernel-dev@lists.01.org > https://lists.01.org/mailman/listinfo/intel-sgx-kernel-dev
diff --git a/drivers/platform/x86/intel_sgx.h b/drivers/platform/x86/intel_sgx.h index adb5b17..30da167 100644 --- a/drivers/platform/x86/intel_sgx.h +++ b/drivers/platform/x86/intel_sgx.h @@ -137,7 +137,6 @@ struct sgx_encl { unsigned int flags; unsigned int secs_child_cnt; struct mutex lock; - struct task_struct *owner; struct mm_struct *mm; struct file *backing; struct file *pcmd; diff --git a/drivers/platform/x86/intel_sgx_ioctl.c b/drivers/platform/x86/intel_sgx_ioctl.c index e0e2f14..7b99aa8 100644 --- a/drivers/platform/x86/intel_sgx_ioctl.c +++ b/drivers/platform/x86/intel_sgx_ioctl.c @@ -531,7 +531,6 @@ static long sgx_ioc_enclave_create(struct file *filep, unsigned int cmd, mutex_init(&encl->lock); INIT_WORK(&encl->add_page_work, sgx_add_page_worker); - encl->owner = current->group_leader; encl->mm = current->mm; encl->base = secs->base; encl->size = secs->size;
Arbitrarily de-referencing a task_struct pointer is not safe, even if a reference to its pid is held. Remove the task_struct pointer from sgx_encl to remove the temptation to write buggy code. Signed-off-by: Sean Christopherson <sean.j.christopherson@intel.com> --- drivers/platform/x86/intel_sgx.h | 1 - drivers/platform/x86/intel_sgx_ioctl.c | 1 - 2 files changed, 2 deletions(-)
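Review bot: in the `struct sgx_encl` hunk of intel_sgx.h, the commit message does not say that `owner` was never read. The whole patch is two deletions, the declaration `struct task_struct *owner;` and its one assignment, so the field looks write-only, and that is what makes the removal safe without auditing the rest of the driver. Suggest adding a sentence to that effect, so the changelog records that no user of the pointer had to be converted to the pid reference it mentions.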
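Review bot: in the `sgx_ioc_enclave_create()` hunk of intel_sgx_ioctl.c, the line kept directly after the removed assignment, `encl->mm = current->mm;`, caches another raw pointer taken from `current`, and nothing in the visible context takes a reference on it. The lifetime argument in the commit message applies to any cached pointer to a refcounted object, so please either point to where the mm is pinned for the lifetime of the enclave or add a comment at this assignment explaining why `encl->mm` cannot be used after the mm is gone.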