On Mon, Aug 19, 2019 at 06:25:42PM +0300, Jarkko Sakkinen wrote: > Split the huge conditional statement to three separate ones in > order to make it easier to understand what is going on in the > validation code. > > Cc: Sean Christopherson <sean.j.christpherson@xxxxxxxxx> > Cc: Shay Katz-zamir <shay.katz-zamir@xxxxxxxxx> > Cc: Serge Ayoun <serge.ayoun@xxxxxxxxx> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > --- > arch/x86/kernel/cpu/sgx/driver/ioctl.c | 13 +++++++++---- > 1 file changed, 9 insertions(+), 4 deletions(-) > > diff --git a/arch/x86/kernel/cpu/sgx/driver/ioctl.c b/arch/x86/kernel/cpu/sgx/driver/ioctl.c > index d5f326411df0..99b1b9776c3a 100644 > --- a/arch/x86/kernel/cpu/sgx/driver/ioctl.c > +++ b/arch/x86/kernel/cpu/sgx/driver/ioctl.c > @@ -415,10 +415,15 @@ static int sgx_validate_secinfo(struct sgx_secinfo *secinfo) > u64 page_type = secinfo->flags & SGX_SECINFO_PAGE_TYPE_MASK; > u64 perm = secinfo->flags & SGX_SECINFO_PERMISSION_MASK; > > - if ((secinfo->flags & SGX_SECINFO_RESERVED_MASK) || > - ((perm & SGX_SECINFO_W) && !(perm & SGX_SECINFO_R)) || > - (page_type != SGX_SECINFO_TCS && page_type != SGX_SECINFO_TRIM && > - page_type != SGX_SECINFO_REG)) > + if ((page_type != SGX_SECINFO_REG && > + page_type != SGX_SECINFO_TCS && > + page_type != SGX_SECINFO_TRIM)) Shouldn't we disallow TRIM until SGX2 is supported? > + return -EINVAL; > + > + if ((perm & SGX_SECINFO_W) && !(perm & SGX_SECINFO_R)) > + return -EINVAL; > + > + if (secinfo->flags & SGX_SECINFO_RESERVED_MASK) > return -EINVAL; > > if (memchr_inv(secinfo->reserved, 0, SGX_SECINFO_RESERVED_SIZE)) > -- > 2.20.1 >
