Commit 835ae3bb authored by Al Viro's avatar Al Viro
Browse files

drivers/crypto/ccp/sev-dev.c: get rid of pointless access_ok() 



Contrary to the comments, those do *NOT* verify anything about
writability of memory, etc.

In all cases addresses are passed only to copy_to_user().

Signed-off-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
parent 9053fc91

drivers/crypto/ccp/sev-dev.c

+3 −12
Original line number Diff line number Diff line
@@ -371,8 +371,7 @@ static int sev_ioctl_do_pek_csr(struct sev_issue_cmd *argp, bool writable) 
		goto cmd;



	/* allocate a physically contiguous buffer to store the CSR blob */

	if (!access_ok(input.address, input.length) ||

	    input.length > SEV_FW_BLOB_MAX_SIZE) {

	if (input.length > SEV_FW_BLOB_MAX_SIZE) {

		ret = -EFAULT;

		goto e_free;

	}
@@ -609,12 +608,6 @@ static int sev_ioctl_do_get_id2(struct sev_issue_cmd *argp) 
	if (copy_from_user(&input, (void __user *)argp->data, sizeof(input)))

		return -EFAULT;



	/* Check if we have write access to the userspace buffer */

	if (input.address &&

	    input.length &&

	    !access_ok(input.address, input.length))

		return -EFAULT;



	data = kzalloc(sizeof(*data), GFP_KERNEL);

	if (!data)

		return -ENOMEM;
@@ -730,15 +723,13 @@ static int sev_ioctl_do_pdh_export(struct sev_issue_cmd *argp, bool writable) 
		goto cmd;



	/* Allocate a physically contiguous buffer to store the PDH blob. */

	if ((input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) ||

	    !access_ok(input.pdh_cert_address, input.pdh_cert_len)) {

	if (input.pdh_cert_len > SEV_FW_BLOB_MAX_SIZE) {

		ret = -EFAULT;

		goto e_free;

	}



	/* Allocate a physically contiguous buffer to store the cert chain blob. */

	if ((input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) ||

	    !access_ok(input.cert_chain_address, input.cert_chain_len)) {

	if (input.cert_chain_len > SEV_FW_BLOB_MAX_SIZE) {

		ret = -EFAULT;

		goto e_free;

	}

CRA Git | Maintained and supported by SUSTech CRA and CCSE