Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user

[PATCH 0/6] x86/sev-es: Fixes for SEV-ES guest support · Joerg Roedel <joro@8bytes.org> · 2021-05-12
[PATCH 1/6] x86/sev-es: Don't return NULL from sev_es_get_ghcb() · Joerg Roedel <joro@8bytes.org> · 2021-05-12
[PATCH 2/6] x86/sev-es: Forward page-faults which happen during emulation · Joerg Roedel <joro@8bytes.org> · 2021-05-12
[PATCH 4/6] Revert "x86/sev-es: Handle string port IO to kernel memory properly" · Joerg Roedel <joro@8bytes.org> · 2021-05-12
[PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · Joerg Roedel <joro@8bytes.org> · 2021-05-12
RE: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · David Laight <hidden> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · Juergen Gross <jgross@suse.com> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · 'Joerg Roedel' <joro@8bytes.org> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · Juergen Gross <jgross@suse.com> · 2021-05-12
RE: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · David Laight <hidden> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · Joerg Roedel <hidden> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · 'Joerg Roedel' <joro@8bytes.org> · 2021-05-19
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · 'Joerg Roedel' <joro@8bytes.org> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · Dave Hansen <hidden> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · Dave Hansen <hidden> · 2021-05-12
Re: [PATCH 3/6] x86/sev-es: Use __put_user()/__get_user · Joerg Roedel <joro@8bytes.org> · 2021-05-12
[PATCH 5/6] x86/sev-es: Fix error message in runtime #VC handler · Joerg Roedel <joro@8bytes.org> · 2021-05-12
[PATCH 6/6] x86/sev-es: Leave NMI-mode before sending signals · Joerg Roedel <joro@8bytes.org> · 2021-05-12

From: Juergen Gross via Virtualization <hidden>
Date: 2021-05-12 08:16:18
Also in: kvm, linux-coco, lkml, stable

On 12.05.21 10:04, David Laight wrote:

From: Joerg

quoted

Sent: 12 May 2021 08:55

From: Joerg Roedel <redacted>

The put_user() and get_user() functions do checks on the address which is
passed to them. They check whether the address is actually a user-space
address and whether its fine to access it. They also call might_fault()
to indicate that they could fault and possibly sleep.

All of these checks are neither wanted nor required in the #VC exception
handler, which can be invoked from almost any context and also for MMIO
instructions from kernel space on kernel memory. All the #VC handler
wants to know is whether a fault happened when the access was tried.

This is provided by __put_user()/__get_user(), which just do the access
no matter what.

That can't be right at all.
__put/get_user() are only valid on user addresses and will try to
fault in a missing page - so can sleep.

At best this is abused the calls.

You want something like xen_safe_[read|write]_ulong().


Juergen

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help