x86/sgx: Fix size overflows in sgx_encl_create()
The total size calculated for EPC can overflow u64 given the added up page
for SECS. Further, the total size calculated for shmem can overflow even
when the EPC size stays within limits of u64, given that it adds the extra
space for 128 byte PCMD structures (one for each page).
Address this by pre-evaluating the micro-architectural requirement of
SGX: the address space size must be power of two. This is eventually
checked up by ECREATE but the pre-check has the additional benefit of
making sure that there is some space for additional data.
Fixes: 888d249117 ("x86/sgx: Add SGX_IOC_ENCLAVE_CREATE")
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Acked-by: Dave Hansen <dave.hansen@intel.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Link: https://lore.kernel.org/r/20250305050006.43896-1-jarkko@kernel.org
Closes: https://lore.kernel.org/linux-sgx/c87e01a0-e7dd-4749-a348-0980d3444f04@stanley.mountain/
This commit is contained in:
Jarkko Sakkinen
committed by
Ingo Molnar
Ingo Molnar
parent
f6bdaab79e
commit
0d3e0dfd68
@@ -64,6 +64,13 @@ static int sgx_encl_create(struct sgx_encl *encl, struct sgx_secs *secs)
|
||||
struct file *backing;
|
||||
long ret;
|
||||
|
||||
/*
|
||||
* ECREATE would detect this too, but checking here also ensures
|
||||
* that the 'encl_size' calculations below can never overflow.
|
||||
*/
|
||||
if (!is_power_of_2(secs->size))
|
||||
return -EINVAL;
|
||||
|
||||
va_page = sgx_encl_grow(encl, true);
|
||||
if (IS_ERR(va_page))
|
||||
return PTR_ERR(va_page);
|
||||
|
||||
Reference in New Issue
Block a user