lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu,  8 Sep 2022 16:55:57 +0200
From:   Harald Hoyer <harald@...fian.com>
To:     ashish.kalra@....com
Cc:     ak@...ux.intel.com, alpergun@...gle.com, ardb@...nel.org,
        bp@...en8.de, dave.hansen@...ux.intel.com, dgilbert@...hat.com,
        dovmurik@...ux.ibm.com, hpa@...or.com, jarkko@...nel.org,
        jmattson@...gle.com, jroedel@...e.de, kirill@...temov.name,
        kvm@...r.kernel.org, linux-coco@...ts.linux.dev,
        linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org, luto@...nel.org, marcorr@...gle.com,
        michael.roth@....com, mingo@...hat.com, pbonzini@...hat.com,
        peterz@...radead.org, pgonda@...gle.com, rientjes@...gle.com,
        sathyanarayanan.kuppuswamy@...ux.intel.com, seanjc@...gle.com,
        slp@...hat.com, srinivas.pandruvada@...ux.intel.com,
        tglx@...utronix.de, thomas.lendacky@....com, tobin@....com,
        tony.luck@...el.com, vbabka@...e.cz, vkuznets@...hat.com,
        x86@...nel.org, Harald Hoyer <harald@...fian.com>
Subject: [[PATCH for v6]] KVM: SEV: fix snp_launch_finish

The `params.auth_key_en` indicator does _not_ specify, whether an
ID_AUTH struct should be sent or not, but, wheter the ID_AUTH struct
contains an author key or not. The firmware always expects an ID_AUTH block.

Link: https://lore.kernel.org/all/cover.1655761627.git.ashish.kalra@amd.com/
Signed-off-by: Harald Hoyer <harald@...fian.com>
---
 arch/x86/kvm/svm/sev.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 85357dc4d231..5cf4be6a33ba 100644
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -2242,17 +2242,18 @@ static int snp_launch_finish(struct kvm *kvm, struct kvm_sev_cmd *argp)
 
 		data->id_block_en = 1;
 		data->id_block_paddr = __sme_pa(id_block);
-	}
 
-	if (params.auth_key_en) {
 		id_auth = psp_copy_user_blob(params.id_auth_uaddr, KVM_SEV_SNP_ID_AUTH_SIZE);
 		if (IS_ERR(id_auth)) {
 			ret = PTR_ERR(id_auth);
 			goto e_free_id_block;
 		}
 
-		data->auth_key_en = 1;
 		data->id_auth_paddr = __sme_pa(id_auth);
+
+		if (params.auth_key_en) {
+			data->auth_key_en = 1;
+		}
 	}
 
 	data->gctx_paddr = __psp_pa(sev->snp_context);
-- 
2.37.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ