On Wed, 7 Apr 2021 21:52:50 +0000 Sean Christopherson wrote: > On Thu, Apr 08, 2021, Kai Huang wrote: > > + /* > > + * Copy contents into kernel memory to prevent TOCTOU attack. E.g. the > > + * guest could do ECREATE w/ SECS.SGX_ATTR_PROVISIONKEY=0, and > > + * simultaneously set SGX_ATTR_PROVISIONKEY to bypass the check to > > + * enforce restriction of access to the PROVISIONKEY. > > + */ > > + contents = (struct sgx_secs *)__get_free_page(GFP_KERNEL); > > This should use GFP_KERNEL_ACCOUNT. May I ask why? The page is only a temporary allocation, it will be freed before this function returns. I guess a 4K page is OK?
