From nobody Sun Apr 19 02:15:14 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 61B73C43334 for ; Thu, 7 Jul 2022 18:29:16 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236619AbiGGS3O (ORCPT ); Thu, 7 Jul 2022 14:29:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53812 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236216AbiGGS2Y (ORCPT ); Thu, 7 Jul 2022 14:28:24 -0400 Received: from galois.linutronix.de (Galois.linutronix.de [193.142.43.55]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 40ED35C9D9; Thu, 7 Jul 2022 11:27:51 -0700 (PDT) Date: Thu, 07 Jul 2022 18:27:48 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020; t=1657218469; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xlug+O+wWKENGfx1NMesWdk7nV8KiD1gMITWTtkATAo=; b=YKMKvpUm3wLsbCk9gCl3BquViOBSTMhfZLmDQqh7UaxE0ShyYm130LHCPXALo95BcxMcpa +mf28KpxF1Lm3ZCVLuz9Mqo/9GDdeBnj3hxAAoUYzMT/ktCNF2Qh6k+++vM+fmkjyxKbWQ 8RQ8Q/x1aOKH42303Jmz9N/8favjEXKH9OvdjYujag7fFFhFdlojVJ2UAM4IEeRyaKMKS0 JHYBgnn2Xw7KttHJT8Xn8sN0BLoofdzPei02zCEmM1bjU8WOReRHILRC0EsM1lSwfQqJkA hmU0Mbg0/iNQICgfiXatZ2vhQTWBT0qIABJlq7+ssxntwgjQsJTlTgoa1jgfcw== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=linutronix.de; s=2020e; t=1657218469; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=xlug+O+wWKENGfx1NMesWdk7nV8KiD1gMITWTtkATAo=; b=MDNhRg9eVXBVIhXPkhoZUQGzR1hDAatcjjPGstZhPmOGVsRpvyfczDiJ1SZo5mEoiG5ksl q9xlheCdeH7TqTAQ== From: "tip-bot2 for Reinette Chatre" Sender: tip-bot2@linutronix.de Reply-to: linux-kernel@vger.kernel.org To: linux-tip-commits@vger.kernel.org Subject: [tip: x86/sgx] x86/sgx: Create utility to validate user provided offset and length Cc: Reinette Chatre , Dave Hansen , Jarkko Sakkinen , x86@kernel.org, linux-kernel@vger.kernel.org In-Reply-To: =?utf-8?q?=3C767147bc100047abed47fe27c592901adfbb93a2=2E16521?= =?utf-8?q?37848=2Egit=2Ereinette=2Echatre=40intel=2Ecom=3E?= References: =?utf-8?q?=3C767147bc100047abed47fe27c592901adfbb93a2=2E165213?= =?utf-8?q?7848=2Egit=2Ereinette=2Echatre=40intel=2Ecom=3E?= MIME-Version: 1.0 Message-ID: <165721846875.15455.9671992088876807321.tip-bot2@tip-bot2> Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The following commit has been merged into the x86/sgx branch of tip: Commit-ID: dda03e2c331b9fc7bbc8fc0de12a6d92d8c18661 Gitweb: https://git.kernel.org/tip/dda03e2c331b9fc7bbc8fc0de12a6d92d= 8c18661 Author: Reinette Chatre AuthorDate: Tue, 10 May 2022 11:08:46 -07:00 Committer: Dave Hansen CommitterDate: Thu, 07 Jul 2022 10:13:02 -07:00 x86/sgx: Create utility to validate user provided offset and length User provided offset and length is validated when parsing the parameters of the SGX_IOC_ENCLAVE_ADD_PAGES ioctl(). Extract this validation (with consistent use of IS_ALIGNED) into a utility that can be used by the SGX2 ioctl()s that will also provide these values. Signed-off-by: Reinette Chatre Signed-off-by: Dave Hansen Reviewed-by: Jarkko Sakkinen Link: https://lkml.kernel.org/r/767147bc100047abed47fe27c592901adfbb93a2.16= 52137848.git.reinette.chatre@intel.com --- arch/x86/kernel/cpu/sgx/ioctl.c | 28 ++++++++++++++++++++++------ 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/arch/x86/kernel/cpu/sgx/ioctl.c b/arch/x86/kernel/cpu/sgx/ioct= l.c index 83df20e..a66795e 100644 --- a/arch/x86/kernel/cpu/sgx/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/ioctl.c @@ -372,6 +372,26 @@ err_out_free: return ret; } =20 +/* + * Ensure user provided offset and length values are valid for + * an enclave. + */ +static int sgx_validate_offset_length(struct sgx_encl *encl, + unsigned long offset, + unsigned long length) +{ + if (!IS_ALIGNED(offset, PAGE_SIZE)) + return -EINVAL; + + if (!length || !IS_ALIGNED(length, PAGE_SIZE)) + return -EINVAL; + + if (offset + length - PAGE_SIZE >=3D encl->size) + return -EINVAL; + + return 0; +} + /** * sgx_ioc_enclave_add_pages() - The handler for %SGX_IOC_ENCLAVE_ADD_PAGES * @encl: an enclave pointer @@ -425,14 +445,10 @@ static long sgx_ioc_enclave_add_pages(struct sgx_encl= *encl, void __user *arg) if (copy_from_user(&add_arg, arg, sizeof(add_arg))) return -EFAULT; =20 - if (!IS_ALIGNED(add_arg.offset, PAGE_SIZE) || - !IS_ALIGNED(add_arg.src, PAGE_SIZE)) - return -EINVAL; - - if (!add_arg.length || add_arg.length & (PAGE_SIZE - 1)) + if (!IS_ALIGNED(add_arg.src, PAGE_SIZE)) return -EINVAL; =20 - if (add_arg.offset + add_arg.length - PAGE_SIZE >=3D encl->size) + if (sgx_validate_offset_length(encl, add_arg.offset, add_arg.length)) return -EINVAL; =20 if (copy_from_user(&secinfo, (void __user *)add_arg.secinfo,