| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <817700cd-1db2-558b-ae62-fdb279bca6ed@amazon.de>
Date: Mon, 6 Jul 2020 12:16:31 +0200
From: Alexander Graf <graf@...zon.de>
To: Andra Paraschiv <andraprs@...zon.com>,
<linux-kernel@...r.kernel.org>
CC: Anthony Liguori <aliguori@...zon.com>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Colm MacCarthaigh <colmmacc@...zon.com>,
"Bjoern Doebel" <doebel@...zon.de>,
David Woodhouse <dwmw@...zon.co.uk>,
"Frank van der Linden" <fllinden@...zon.com>,
Greg KH <gregkh@...uxfoundation.org>,
Martin Pohlack <mpohlack@...zon.de>,
Matt Wilson <msw@...zon.com>,
"Paolo Bonzini" <pbonzini@...hat.com>,
Balbir Singh <sblbir@...zon.com>,
"Stefano Garzarella" <sgarzare@...hat.com>,
Stefan Hajnoczi <stefanha@...hat.com>,
Stewart Smith <trawets@...zon.com>,
Uwe Dannowski <uwed@...zon.de>, <kvm@...r.kernel.org>,
<ne-devel-upstream@...zon.com>
Subject: Re: [PATCH v4 10/18] nitro_enclaves: Add logic for enclave image load
info
On 22.06.20 22:03, Andra Paraschiv wrote:
> Before setting the memory regions for the enclave, the enclave image
> needs to be placed in memory. After the memory regions are set, this
> memory cannot be used anymore by the VM, being carved out.
>
> Add ioctl command logic to get the offset in enclave memory where to
> place the enclave image. Then the user space tooling copies the enclave
> image in the memory using the given memory offset.
>
> Signed-off-by: Andra Paraschiv <andraprs@...zon.com>
> ---
> Changelog
>
> v3 -> v4
>
> * Use dev_err instead of custom NE log pattern.
> * Set enclave image load offset based on flags.
> * Update the naming for the ioctl command from metadata to info.
>
> v2 -> v3
>
> * No changes.
>
> v1 -> v2
>
> * New in v2.
> ---
> drivers/virt/nitro_enclaves/ne_misc_dev.c | 25 +++++++++++++++++++++++
> 1 file changed, 25 insertions(+)
>
> diff --git a/drivers/virt/nitro_enclaves/ne_misc_dev.c b/drivers/virt/nitro_enclaves/ne_misc_dev.c
> index d6777008f685..cfdefa52ed2a 100644
> --- a/drivers/virt/nitro_enclaves/ne_misc_dev.c
> +++ b/drivers/virt/nitro_enclaves/ne_misc_dev.c
> @@ -536,6 +536,31 @@ static long ne_enclave_ioctl(struct file *file, unsigned int cmd,
> return rc;
> }
>
> + case NE_GET_IMAGE_LOAD_INFO: {
> + struct ne_image_load_info image_load_info = {};
> +
> + if (copy_from_user(&image_load_info, (void *)arg,
> + sizeof(image_load_info))) {
> + dev_err_ratelimited(ne_misc_dev.this_device,
> + "Error in copy from user\n");
The -EFAULT tells you all you need. Just remove this print.
> +
> + return -EFAULT;
> + }
> +
> + if (image_load_info.flags == NE_EIF_IMAGE)
> + image_load_info.memory_offset = NE_EIF_LOAD_OFFSET;
> +
> + if (copy_to_user((void *)arg, &image_load_info,
> + sizeof(image_load_info))) {
> + dev_err_ratelimited(ne_misc_dev.this_device,
> + "Error in copy to user\n");
Same here.
Alex
> +
> + return -EFAULT;
> + }
> +
> + return 0;
> + }
> +
> default:
> return -ENOTTY;
> }
>
Amazon Development Center Germany GmbH
Krausenstr. 38
10117 Berlin
Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss
Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B
Sitz: Berlin
Ust-ID: DE 289 237 879
Powered by blists - more mailing lists