On Thu, Apr 08, 2021, Kai Huang wrote:
> On Wed, 7 Apr 2021 21:52:50 +0000 Sean Christopherson wrote:
> > On Thu, Apr 08, 2021, Kai Huang wrote:
> > > + /*
> > > + * Copy contents into kernel memory to prevent TOCTOU attack. E.g. the
> > > + * guest could do ECREATE w/ SECS.SGX_ATTR_PROVISIONKEY=0, and
> > > + * simultaneously set SGX_ATTR_PROVISIONKEY to bypass the check to
> > > + * enforce restriction of access to the PROVISIONKEY.
> > > + */
> > > + contents = (struct sgx_secs *)__get_free_page(GFP_KERNEL);
> >
> > This should use GFP_KERNEL_ACCOUNT.
>
> May I ask why? The page is only a temporary allocation, it will be freed before
> this function returns. I guess a 4K page is OK?

A hard limit should not be violated, even temporarily. This is also per vCPU,
e.g. a 256 vCPU VM could go 1mb over the limit.
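
Review bot: the result of __get_free_page() on the last added line is cast and assigned to contents with no failure check visible in the quoted lines, so confirm that the function tests contents for NULL before copying the guest's SECS into it and that every exit path frees the page. Because the comment says this copy is what the PROVISIONKEY check relies on, it would also help for the comment to state that both the attribute check and the ECREATE itself must operate on this kernel copy and never re-read the guest page. Since the allocation is made on behalf of a guest and can happen once per vCPU, GFP_KERNEL_ACCOUNT in place of GFP_KERNEL keeps it charged against the VM's memory limit.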