diff mbox series

[v2,7/8] crypto: ccp: Use the stack and common buffer for INIT command

Message ID 20210406224952.4177376-8-seanjc@google.com
State Accepted
Commit a402e35177797d736dd3dc2d8537c1c9ac90d54a
Headers show
Series ccp: KVM: SVM: Use stack for SEV command buffers | expand

Commit Message

Sean Christopherson April 6, 2021, 10:49 p.m. UTC 
Drop the dedicated init_cmd_buf and instead use a local variable.  Now
that the low level helper uses an internal buffer for all commands,
using the stack for the upper layers is safe even when running with
CONFIG_VMAP_STACK=y.

Signed-off-by: Sean Christopherson <seanjc@google.com>
---
 drivers/crypto/ccp/sev-dev.c | 10 ++++++----
 drivers/crypto/ccp/sev-dev.h |  1 -
 2 files changed, 6 insertions(+), 5 deletions(-)

Comments

Christophe Leroy April 7, 2021, 5:20 a.m. UTC | #1 
Le 07/04/2021 à 00:49, Sean Christopherson a écrit :
> Drop the dedicated init_cmd_buf and instead use a local variable.  Now
> that the low level helper uses an internal buffer for all commands,
> using the stack for the upper layers is safe even when running with
> CONFIG_VMAP_STACK=y.
> 
> Signed-off-by: Sean Christopherson <seanjc@google.com>
> ---
>   drivers/crypto/ccp/sev-dev.c | 10 ++++++----
>   drivers/crypto/ccp/sev-dev.h |  1 -
>   2 files changed, 6 insertions(+), 5 deletions(-)
> 
> diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
> index e54774b0d637..9ff28df03030 100644
> --- a/drivers/crypto/ccp/sev-dev.c
> +++ b/drivers/crypto/ccp/sev-dev.c
> @@ -233,6 +233,7 @@ static int sev_do_cmd(int cmd, void *data, int *psp_ret)
>   static int __sev_platform_init_locked(int *error)
>   {
>   	struct psp_device *psp = psp_master;
> +	struct sev_data_init data;

struct sev_data_init data = {0, 0, 0, 0};

>   	struct sev_device *sev;
>   	int rc = 0;
>   
> @@ -244,6 +245,7 @@ static int __sev_platform_init_locked(int *error)
>   	if (sev->state == SEV_STATE_INIT)
>   		return 0;
>   
> +	memset(&data, 0, sizeof(data));

Not needed.

>   	if (sev_es_tmr) {
>   		u64 tmr_pa;
>   
> @@ -253,12 +255,12 @@ static int __sev_platform_init_locked(int *error)
>   		 */
>   		tmr_pa = __pa(sev_es_tmr);
>   
> -		sev->init_cmd_buf.flags |= SEV_INIT_FLAGS_SEV_ES;
> -		sev->init_cmd_buf.tmr_address = tmr_pa;
> -		sev->init_cmd_buf.tmr_len = SEV_ES_TMR_SIZE;
> +		data.flags |= SEV_INIT_FLAGS_SEV_ES;
> +		data.tmr_address = tmr_pa;
> +		data.tmr_len = SEV_ES_TMR_SIZE;
>   	}
>   
> -	rc = __sev_do_cmd_locked(SEV_CMD_INIT, &sev->init_cmd_buf, error);
> +	rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error);
>   	if (rc)
>   		return rc;
>   
> diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h
> index 0fd21433f627..666c21eb81ab 100644
> --- a/drivers/crypto/ccp/sev-dev.h
> +++ b/drivers/crypto/ccp/sev-dev.h
> @@ -46,7 +46,6 @@ struct sev_device {
>   	unsigned int int_rcvd;
>   	wait_queue_head_t int_queue;
>   	struct sev_misc_dev *misc;
> -	struct sev_data_init init_cmd_buf;
>   
>   	u8 api_major;
>   	u8 api_minor;
>
diff mbox series

Patch

diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c
index e54774b0d637..9ff28df03030 100644
--- a/drivers/crypto/ccp/sev-dev.c
+++ b/drivers/crypto/ccp/sev-dev.c
@@ -233,6 +233,7 @@  static int sev_do_cmd(int cmd, void *data, int *psp_ret)
 static int __sev_platform_init_locked(int *error)
 {
 	struct psp_device *psp = psp_master;
+	struct sev_data_init data;
 	struct sev_device *sev;
 	int rc = 0;
 
@@ -244,6 +245,7 @@  static int __sev_platform_init_locked(int *error)
 	if (sev->state == SEV_STATE_INIT)
 		return 0;
 
+	memset(&data, 0, sizeof(data));
 	if (sev_es_tmr) {
 		u64 tmr_pa;
 
@@ -253,12 +255,12 @@  static int __sev_platform_init_locked(int *error)
 		 */
 		tmr_pa = __pa(sev_es_tmr);
 
-		sev->init_cmd_buf.flags |= SEV_INIT_FLAGS_SEV_ES;
-		sev->init_cmd_buf.tmr_address = tmr_pa;
-		sev->init_cmd_buf.tmr_len = SEV_ES_TMR_SIZE;
+		data.flags |= SEV_INIT_FLAGS_SEV_ES;
+		data.tmr_address = tmr_pa;
+		data.tmr_len = SEV_ES_TMR_SIZE;
 	}
 
-	rc = __sev_do_cmd_locked(SEV_CMD_INIT, &sev->init_cmd_buf, error);
+	rc = __sev_do_cmd_locked(SEV_CMD_INIT, &data, error);
 	if (rc)
 		return rc;
 
diff --git a/drivers/crypto/ccp/sev-dev.h b/drivers/crypto/ccp/sev-dev.h
index 0fd21433f627..666c21eb81ab 100644
--- a/drivers/crypto/ccp/sev-dev.h
+++ b/drivers/crypto/ccp/sev-dev.h
@@ -46,7 +46,6 @@  struct sev_device {
 	unsigned int int_rcvd;
 	wait_queue_head_t int_queue;
 	struct sev_misc_dev *misc;
-	struct sev_data_init init_cmd_buf;
 
 	u8 api_major;
 	u8 api_minor;