Re: [PATCH v6 1/6] x86/tdx: Fix "in-kernel MMIO" check

From: Dave Hansen
Date: Tue Sep 10 2024 - 15:54:54 EST


On 9/6/24 04:49, Alexey Gladkov wrote:
> +static inline bool is_kernel_addr(unsigned long addr)
> +{
> + return (long)addr < 0;
> +}
> +
> static int handle_mmio(struct pt_regs *regs, struct ve_info *ve)
> {
> unsigned long *reg, val, vaddr;
> @@ -434,6 +439,11 @@ static int handle_mmio(struct pt_regs *regs, struct ve_info *ve)
> return -EINVAL;
> }
>
> + if (!user_mode(regs) && !is_kernel_addr(ve->gla)) {
> + WARN_ONCE(1, "Access to userspace address is not supported");
> + return -EINVAL;
> + }

Should we really be open-coding a "is_kernel_addr" check? I mean,
TASK_SIZE_MAX is there for a reason. While I doubt we'd ever change the
positive vs. negative address space convention on 64-bit, I don't see a
good reason to write a 64-bit x86-specific is_kernel_addr() when a more
generic, portable and conventional idiom would do.

So, please use either a:

addr < TASK_SIZE_MAX

check, or use fault_in_kernel_space() directly.