diff options
| author | Ashish Kalra <[email protected]> | 2022-05-16 15:43:10 +0000 |
|---|---|---|
| committer | Paolo Bonzini <[email protected]> | 2022-05-25 05:11:51 -0400 |
| commit | d22d2474e3953996f03528b84b7f52cc26a39403 (patch) | |
| tree | 352ba2dc6bc40b0bde39a5bee2f7d9cad988d5ee /lib/test_fortify/write_overflow-strlcpy-src.c | |
| parent | d187ba5312307d51818beafaad87d28a7d939adf (diff) | |
KVM: SVM: Use kzalloc for sev ioctl interfaces to prevent kernel data leak
For some sev ioctl interfaces, the length parameter that is passed maybe
less than or equal to SEV_FW_BLOB_MAX_SIZE, but larger than the data
that PSP firmware returns. In this case, kmalloc will allocate memory
that is the size of the input rather than the size of the data.
Since PSP firmware doesn't fully overwrite the allocated buffer, these
sev ioctl interface may return uninitialized kernel slab memory.
Reported-by: Andy Nguyen <[email protected]>
Suggested-by: David Rientjes <[email protected]>
Suggested-by: Peter Gonda <[email protected]>
Cc: [email protected]
Cc: [email protected]
Cc: [email protected]
Fixes: eaf78265a4ab3 ("KVM: SVM: Move SEV code to separate file")
Fixes: 2c07ded06427d ("KVM: SVM: add support for SEV attestation command")
Fixes: 4cfdd47d6d95a ("KVM: SVM: Add KVM_SEV SEND_START command")
Fixes: d3d1af85e2c75 ("KVM: SVM: Add KVM_SEND_UPDATE_DATA command")
Fixes: eba04b20e4861 ("KVM: x86: Account a variety of miscellaneous allocations")
Signed-off-by: Ashish Kalra <[email protected]>
Reviewed-by: Peter Gonda <[email protected]>
Message-Id: <[email protected]>
Signed-off-by: Paolo Bonzini <[email protected]>
Diffstat (limited to 'lib/test_fortify/write_overflow-strlcpy-src.c')
0 files changed, 0 insertions, 0 deletions