On Thu, Dec 05, 2024 at 11:53:53AM +0530, Nikunj A. Dadhania wrote:
> > * get_report - I don't think so:
> >
> > /*
> > * The intermediate response buffer is used while decrypting the
> > * response payload. Make sure that it has enough space to cover the
> > * authtag.
> > */
> > resp_len = sizeof(report_resp->data) + mdesc->ctx->authsize;
> > report_resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT);
> >
> > That resp_len is limited and that's on the guest_ioctl path which cannot
> > happen concurrently?
>
> It is a trusted allocation, but should it be accounted as it is part of
> the userspace ioctl path ?
Well, it is unlocked_ioctl() and snp_guest_ioctl() is not taking any locks.
What's stopping anyone from writing a nasty little program which hammers the
sev-guest on the ioctl interface until the OOM killer activates?
IOW, this should probably remain _ACCOUNT AFAICT.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
