On Mon, Apr 05, 2021, Tom Lendacky wrote: > On 4/2/21 6:36 PM, Sean Christopherson wrote: > > diff --git a/drivers/crypto/ccp/sev-dev.c b/drivers/crypto/ccp/sev-dev.c > > index 6556d220713b..4c513318f16a 100644 > > --- a/drivers/crypto/ccp/sev-dev.c > > +++ b/drivers/crypto/ccp/sev-dev.c > > @@ -141,6 +141,7 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) > > struct sev_device *sev; > > unsigned int phys_lsb, phys_msb; > > unsigned int reg, ret = 0; > > + int buf_len; > > > > if (!psp || !psp->sev_data) > > return -ENODEV; > > @@ -150,7 +151,11 @@ static int __sev_do_cmd_locked(int cmd, void *data, int *psp_ret) > > > > sev = psp->sev_data; > > > > - if (data && WARN_ON_ONCE(is_vmalloc_addr(data))) > > + buf_len = sev_cmd_buffer_len(cmd); > > + if (WARN_ON_ONCE(!!data != !!buf_len)) > > Seems a bit confusing to me. Can this just be: > > if (WARN_ON_ONCE(data && !buf_len)) Or as Christophe pointed out, "!data != !buf_len". > Or is this also trying to catch the case where buf_len is non-zero but > data is NULL? Ya. It's not necessary to detect "buf_len && !data", but it doesn't incur additional cost. Is there a reason _not_ to disallow that?