| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Mar 2022 13:22:25 -0700
From: Isaku Yamahata <isaku.yamahata@...il.com>
To: Kai Huang <kai.huang@...el.com>
Cc: Isaku Yamahata <isaku.yamahata@...il.com>,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
dave.hansen@...el.com, seanjc@...gle.com, pbonzini@...hat.com,
kirill.shutemov@...ux.intel.com,
sathyanarayanan.kuppuswamy@...ux.intel.com, peterz@...radead.org,
tony.luck@...el.com, ak@...ux.intel.com, dan.j.williams@...el.com,
isaku.yamahata@...el.com
Subject: Re: [PATCH v2 09/21] x86/virt/tdx: Get information about TDX module
and convertible memory
On Mon, Mar 28, 2022 at 02:30:05PM +1300,
Kai Huang <kai.huang@...el.com> wrote:
>
> > > +
> > > +static int sanitize_cmrs(struct cmr_info *cmr_array, int cmr_num)
> > > +{
> > > + int i, j;
> > > +
> > > + /*
> > > + * Intel TDX module spec, 20.7.3 CMR_INFO:
> > > + *
> > > + * TDH.SYS.INFO leaf function returns a MAX_CMRS (32) entry
> > > + * array of CMR_INFO entries. The CMRs are sorted from the
> > > + * lowest base address to the highest base address, and they
> > > + * are non-overlapping.
> > > + *
> > > + * This implies that BIOS may generate invalid empty entries
> > > + * if total CMRs are less than 32. Skip them manually.
> > > + */
> > > + for (i = 0; i < cmr_num; i++) {
> > > + struct cmr_info *cmr = &cmr_array[i];
> > > + struct cmr_info *prev_cmr = NULL;
> > > +
> > > + /* Skip further invalid CMRs */
> > > + if (!cmr_valid(cmr))
> > > + break;
> > > +
> > > + if (i > 0)
> > > + prev_cmr = &cmr_array[i - 1];
> > > +
> > > + /*
> > > + * It is a TDX firmware bug if CMRs are not
> > > + * in address ascending order.
> > > + */
> > > + if (prev_cmr && ((prev_cmr->base + prev_cmr->size) >
> > > + cmr->base)) {
> > > + pr_err("Firmware bug: CMRs not in address ascending order.\n");
> > > + return -EFAULT;
> > > + }
> > > + }
> > > +
> > > + /*
> > > + * Also a sane BIOS should never generate invalid CMR(s) between
> > > + * two valid CMRs. Sanity check this and simply return error in
> > > + * this case.
> > > + */
> > > + for (j = i; j < cmr_num; j++)
> > > + if (cmr_valid(&cmr_array[j])) {
> > > + pr_err("Firmware bug: invalid CMR(s) among valid CMRs.\n");
> > > + return -EFAULT;
> > > + }
> >
> > This check doesn't make sense because above i-for loop has break.
>
> The break in above i-for loop will hit at the first invalid CMR entry. Yes "j =
> i" will make double check on this invalid CMR entry, but it should have no
> problem. Or we can change to "j = i + 1" to skip the first invalid CMR entry.
>
> Does this make sense?
It makes sense. Somehow I missed j = i. I scratch my review.
--
Isaku Yamahata <isaku.yamahata@...il.com>
Powered by blists - more mailing lists