| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 Jul 2020 16:35:27 +0300
From: "Paraschiv, Andra-Irina" <andraprs@...zon.com>
To: Alexander Graf <graf@...zon.de>, <linux-kernel@...r.kernel.org>
CC: Anthony Liguori <aliguori@...zon.com>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Colm MacCarthaigh <colmmacc@...zon.com>,
"Bjoern Doebel" <doebel@...zon.de>,
David Woodhouse <dwmw@...zon.co.uk>,
"Frank van der Linden" <fllinden@...zon.com>,
Greg KH <gregkh@...uxfoundation.org>,
Martin Pohlack <mpohlack@...zon.de>,
Matt Wilson <msw@...zon.com>,
"Paolo Bonzini" <pbonzini@...hat.com>,
Balbir Singh <sblbir@...zon.com>,
"Stefano Garzarella" <sgarzare@...hat.com>,
Stefan Hajnoczi <stefanha@...hat.com>,
Stewart Smith <trawets@...zon.com>,
Uwe Dannowski <uwed@...zon.de>, <kvm@...r.kernel.org>,
<ne-devel-upstream@...zon.com>
Subject: Re: [PATCH v4 10/18] nitro_enclaves: Add logic for enclave image load
info
On 06/07/2020 13:16, Alexander Graf wrote:
>
>
> On 22.06.20 22:03, Andra Paraschiv wrote:
>> Before setting the memory regions for the enclave, the enclave image
>> needs to be placed in memory. After the memory regions are set, this
>> memory cannot be used anymore by the VM, being carved out.
>>
>> Add ioctl command logic to get the offset in enclave memory where to
>> place the enclave image. Then the user space tooling copies the enclave
>> image in the memory using the given memory offset.
>>
>> Signed-off-by: Andra Paraschiv <andraprs@...zon.com>
>> ---
>> Changelog
>>
>> v3 -> v4
>>
>> * Use dev_err instead of custom NE log pattern.
>> * Set enclave image load offset based on flags.
>> * Update the naming for the ioctl command from metadata to info.
>>
>> v2 -> v3
>>
>> * No changes.
>>
>> v1 -> v2
>>
>> * New in v2.
>> ---
>> drivers/virt/nitro_enclaves/ne_misc_dev.c | 25 +++++++++++++++++++++++
>> 1 file changed, 25 insertions(+)
>>
>> diff --git a/drivers/virt/nitro_enclaves/ne_misc_dev.c
>> b/drivers/virt/nitro_enclaves/ne_misc_dev.c
>> index d6777008f685..cfdefa52ed2a 100644
>> --- a/drivers/virt/nitro_enclaves/ne_misc_dev.c
>> +++ b/drivers/virt/nitro_enclaves/ne_misc_dev.c
>> @@ -536,6 +536,31 @@ static long ne_enclave_ioctl(struct file *file,
>> unsigned int cmd,
>> return rc;
>> }
>> + case NE_GET_IMAGE_LOAD_INFO: {
>> + struct ne_image_load_info image_load_info = {};
>> +
>> + if (copy_from_user(&image_load_info, (void *)arg,
>> + sizeof(image_load_info))) {
>> + dev_err_ratelimited(ne_misc_dev.this_device,
>> + "Error in copy from user\n");
>
> The -EFAULT tells you all you need. Just remove this print.
Removed the log from here and the other occurrences in the patch series.
Thanks,
Andra
>
>> +
>> + return -EFAULT;
>> + }
>> +
>> + if (image_load_info.flags == NE_EIF_IMAGE)
>> + image_load_info.memory_offset = NE_EIF_LOAD_OFFSET;
>> +
>> + if (copy_to_user((void *)arg, &image_load_info,
>> + sizeof(image_load_info))) {
>> + dev_err_ratelimited(ne_misc_dev.this_device,
>> + "Error in copy to user\n");
>
> Same here.
>
>
> Alex
>
>> +
>> + return -EFAULT;
>> + }
>> +
>> + return 0;
>> + }
>> +
>> default:
>> return -ENOTTY;
>> }
>>
Amazon Development Center (Romania) S.R.L. registered office: 27A Sf. Lazar Street, UBC5, floor 2, Iasi, Iasi County, 700045, Romania. Registered in Romania. Registration number J22/2621/2005.
Powered by blists - more mailing lists