Message ID | 20190819152544.7296-3-jarkko.sakkinen@linux.intel.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | x86/sgx: Improve permission handing | expand |
On Mon, Aug 19, 2019 at 06:25:41PM +0300, Jarkko Sakkinen wrote: > Instead of looping through the array of reserved bytes use memchr_inv() > to check the bytes. > > Cc: Sean Christopherson <sean.j.christpherson@intel.com> > Cc: Shay Katz-zamir <shay.katz-zamir@intel.com> > Cc: Serge Ayoun <serge.ayoun@intel.com> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > --- > arch/x86/kernel/cpu/sgx/driver/ioctl.c | 6 ++---- > 1 file changed, 2 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/kernel/cpu/sgx/driver/ioctl.c b/arch/x86/kernel/cpu/sgx/driver/ioctl.c > index 64d3286f3324..d5f326411df0 100644 > --- a/arch/x86/kernel/cpu/sgx/driver/ioctl.c > +++ b/arch/x86/kernel/cpu/sgx/driver/ioctl.c > @@ -414,7 +414,6 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) > { > u64 page_type = secinfo->flags & SGX_SECINFO_PAGE_TYPE_MASK; > u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK; > - int i; > > if ((secinfo->flags & SGX_SECINFO_RESERVED_MASK) || > ((perm & SGX_SECINFO_W) && !(perm & SGX_SECINFO_R)) || > @@ -422,9 +421,8 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) > page_type != SGX_SECINFO_REG)) > return -EINVAL; > > - for (i = 0; i < SGX_SECINFO_RESERVED_SIZE; i++) > - if (secinfo->reserved[i]) > - return -EINVAL; > + if (memchr_inv(secinfo->reserved, 0, SGX_SECINFO_RESERVED_SIZE)) Doing 'sizeof(secinfo->reserved)' would be preferable, that way we're not dependent on SGX_SECINFO_RESERVED_SIZE being in bytes (I had to check). Obviously not in this patch, but the same cleanup can be applied to sgx_validate_secs(). > + return -EINVAL; > > return 0; > } > -- > 2.20.1 >
On Wed, 2019-08-21 at 20:47 -0700, Sean Christopherson wrote: > > + if (memchr_inv(secinfo->reserved, 0, SGX_SECINFO_RESERVED_SIZE)) > > Doing 'sizeof(secinfo->reserved)' would be preferable, that way we're not > dependent on SGX_SECINFO_RESERVED_SIZE being in bytes (I had to check). > > Obviously not in this patch, but the same cleanup can be applied to > sgx_validate_secs(). Thanks for the valid remark, I squashed with that change. I also edited prepending commit and removed the constant altogether. /Jarkko
diff --git a/arch/x86/kernel/cpu/sgx/driver/ioctl.c b/arch/x86/kernel/cpu/sgx/driver/ioctl.c index 64d3286f3324..d5f326411df0 100644 --- a/arch/x86/kernel/cpu/sgx/driver/ioctl.c +++ b/arch/x86/kernel/cpu/sgx/driver/ioctl.c @@ -414,7 +414,6 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) { u64 page_type = secinfo->flags & SGX_SECINFO_PAGE_TYPE_MASK; u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK; - int i; if ((secinfo->flags & SGX_SECINFO_RESERVED_MASK) || ((perm & SGX_SECINFO_W) && !(perm & SGX_SECINFO_R)) || @@ -422,9 +421,8 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) page_type != SGX_SECINFO_REG)) return -EINVAL; - for (i = 0; i < SGX_SECINFO_RESERVED_SIZE; i++) - if (secinfo->reserved[i]) - return -EINVAL; + if (memchr_inv(secinfo->reserved, 0, SGX_SECINFO_RESERVED_SIZE)) + return -EINVAL; return 0; }
Instead of looping through the array of reserved bytes use memchr_inv() to check the bytes. Cc: Sean Christopherson <sean.j.christpherson@intel.com> Cc: Shay Katz-zamir <shay.katz-zamir@intel.com> Cc: Serge Ayoun <serge.ayoun@intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> --- arch/x86/kernel/cpu/sgx/driver/ioctl.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-)