Thread (123 messages) 123 messages, 8 authors, 2021-09-15

Re: [PATCH Part1 v5 37/38] virt: sevguest: Add support to derive key

From: Brijesh Singh <hidden>
Date: 2021-08-31 21:04:23
Also in: kvm, linux-efi, linux-mm, lkml, platform-driver-x86

Hi Dov,


On 8/31/21 1:59 PM, Dov Murik wrote:
quoted
+
+	/*
+	 * The intermediate response buffer is used while decrypting the
+	 * response payload. Make sure that it has enough space to cover the
+	 * authtag.
+	 */
+	resp_len = sizeof(resp->data) + crypto->a_len;
+	resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT);
The length of resp->data is 64 bytes; I assume crypto->a_len is not a
lot more (and probably known in advance for AES GCM).  Maybe use a
buffer on the stack instead of allocating and freeing?
The authtag size can be up to 16 bytes, so I guess I can allocate 80 
bytes on stack and avoid the kzalloc().
quoted
+	if (!resp)
+		return -ENOMEM;
+
+	/* Issue the command to get the attestation report */
+	rc = handle_guest_request(snp_dev, req.msg_version, SNP_MSG_KEY_REQ,
+				  &req.data, sizeof(req.data), resp->data, resp_len,
+				  &arg->fw_err);
+	if (rc)
+		goto e_free;
+
+	/* Copy the response payload to userspace */
+	if (copy_to_user((void __user *)arg->resp_data, resp, sizeof(*resp)))
+		rc = -EFAULT;
+
+e_free:
+	kfree(resp);
Since resp contains key material, I think you should explicit_memzero()
it before freeing, so the key bytes don't linger around in unused
memory.  I'm not sure if any copies are made inside the
handle_guest_request call above; maybe zero these as well.
I can do that, but I guess I am trying to find a reason for it. The resp 
buffer is encrypted page, so, the key is protected from the hypervisor 
access. Are you thinking about an attack within the VM guest OS ?

-Brijesh
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help