Re: [PATCH v2 5/8] crypto: ccp: Use the stack for small SEV command buffers
From: Paolo Bonzini
Date: Sat Apr 17 2021 - 08:40:48 EST
On 07/04/21 00:49, Sean Christopherson wrote:
For commands with small input/output buffers, use the local stack to
"allocate" the structures used to communicate with the PSP. Now that
__sev_do_cmd_locked() gracefully handles vmalloc'd buffers, there's no
reason to avoid using the stack, e.g. CONFIG_VMAP_STACK=y will just work.
Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
Squashing this in (inspired by Christophe's review, though not quite
matching his suggestion).
diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index 0f5644a3b138..246b281b6376 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -408,12 +408,11 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable)
if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))
return -EFAULT;
+ memset(&data, 0, sizeof(data));
+
/* userspace wants to query CSR length */
- if (!input.address || !input.length) {
- data.address = 0;
- data.len = 0;
+ if (!input.address || !input.length)
goto cmd;
- }
/* allocate a physically contiguous buffer to store the CSR blob */
input_address = (void __user *)input.address;