lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <202209191759.OT0VLBym-lkp@intel.com>
Date:   Mon, 19 Sep 2022 17:49:20 +0800
From:   kernel test robot <lkp@...el.com>
To:     Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>
Cc:     kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org
Subject: [intel-tdx:guest-attest 8/9] arch/x86/coco/tdx/tdx.c:904:13-20:
 WARNING opportunity for memdup_user

tree:   https://github.com/intel/tdx.git guest-attest
head:   9bb81d656ad4e186ad241f08f8b787f87a22c34f
commit: 82114551ae4b398f3283fc843586cf47af178d2d [8/9] x86/tdx: Add VERIFYREPORT support
config: x86_64-randconfig-c002-20220919 (https://download.01.org/0day-ci/archive/20220919/202209191759.OT0VLBym-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-5) 11.3.0

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@...el.com>

cocci warnings: (new ones prefixed by >>)
>> arch/x86/coco/tdx/tdx.c:904:13-20: WARNING opportunity for memdup_user

vim +904 arch/x86/coco/tdx/tdx.c

   884	
   885	static long tdx_verifyreport(void __user *argp)
   886	{
   887		struct tdx_verifyreport_req req;
   888		void *reportmac = NULL;
   889		long ret;
   890	
   891		/* Copy verifyrequest struct from the user buffer */
   892		if (copy_from_user(&req, argp, sizeof(req)))
   893			return -EFAULT;
   894	
   895		/*
   896		 * Per TDX Module 1.5 specification, section titled
   897		 * "TDG.MR.VERIFYREPORT", REPORTMACSTRUCT length is
   898		 * fixed as TDX_REPORTMACSTRUCT_LEN.
   899		 */
   900		if (req.rpm_len != TDX_REPORTMACSTRUCT_LEN)
   901			return -EINVAL;
   902	
   903		/* Allocate buffer space for REPORTMACSTRUCT */
 > 904		reportmac = kmalloc(req.rpm_len, GFP_KERNEL);
   905		if (!reportmac)
   906			return -ENOMEM;
   907	
   908		/* Copy REPORTDATA from the user buffer */
   909		if (copy_from_user(reportmac, u64_to_user_ptr(req.reportmac),
   910					req.rpm_len)) {
   911			ret = -EFAULT;
   912			goto out;
   913		}
   914	
   915		/*
   916		 * Verify REPORTMACSTRUCT using "TDG.MR.VERIFYREPORT" TDCALL.
   917		 *
   918		 * Verify whether REPORTMACSTRUCT is created on current TEE on
   919		 * the current platform. Refer to section 8.5.11
   920		 * TDG.MR.VERIFYREPORT leaf in the TDX Module 1.5 Specification
   921		 * for detailed information.
   922		 */
   923		ret = __tdx_module_call(TDX_VERIFYREPORT, virt_to_phys(reportmac),
   924					0, 0, 0, NULL);
   925		if (ret) {
   926			pr_debug("VERIFYREPORT TDCALL failed, status:%lx\n", ret);
   927			ret = -EIO;
   928			goto out;
   929		}
   930	
   931		/* Copy TDREPORT back to the user buffer */
   932		if (copy_to_user(u64_to_user_ptr(req.reportmac), reportmac,
   933					req.rpm_len))
   934			ret = -EFAULT;
   935	
   936	out:
   937		kfree(reportmac);
   938		return ret;
   939	}
   940	

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ