virt: sev-guest: Replace GFP_KERNEL_ACCOUNT with GFP_KERNEL

nikunjad · bp3tk0v · commit 864884a0c29c · 2025-01-07T10:26:20.000+01:00
Replace GFP_KERNEL_ACCOUNT with GFP_KERNEL in the sev-guest driver code. GFP_KERNEL_ACCOUNT is typically used for accounting untrusted userspace allocations. After auditing the sev-guest code, the following changes are necessary: * snp_init_crypto(): Use GFP_KERNEL as this is a trusted device probe path. Retain GFP_KERNEL_ACCOUNT in the following cases for robustness and specific path requirements: * alloc_shared_pages(): Although all allocations are limited, retain GFP_KERNEL_ACCOUNT for future robustness. * get_report() and get_ext_report(): These functions are on the unlocked ioctl path and should continue using GFP_KERNEL_ACCOUNT. Suggested-by: Borislav Petkov <bp@alien8.de> Signed-off-by: Nikunj A Dadhania <nikunj@amd.com> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de> Link: https://lore.kernel.org/r/20250106124633.1418972-3-nikunj@amd.com
diff --git a/drivers/virt/coco/sev-guest/sev-guest.c b/drivers/virt/coco/sev-guest/sev-guest.c
@@ -141,7 +141,7 @@ static struct aesgcm_ctx *snp_init_crypto(u8 *key, size_t keylen)
 {
 	struct aesgcm_ctx *ctx;
 
-	ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT);
+	ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
 	if (!ctx)
 		return NULL;
 

Original file line number	Diff line number	Diff line change
`@@ -141,7 +141,7 @@ static struct aesgcm_ctx snp_init_crypto(u8 key, size_t keylen)`
`141`	`141`	`{`
`142`	`142`	`struct aesgcm_ctx *ctx;`
`143`	`143`
`144`		`- ctx = kzalloc(sizeof(*ctx), GFP_KERNEL_ACCOUNT);`
	`144`	`+ ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);`
`145`	`145`	`if (!ctx)`
`146`	`146`	`return NULL;`
`147`	`147`