virt: sev-guest: Rename local guest message variables

static int verify_and_dec_payload(struct snp_guest_dev *snp_dev, void *payload, u32 sz)

{

	struct snp_guest_crypto *crypto = snp_dev->crypto;

	struct snp_guest_msg *resp = &snp_dev->secret_response;

	struct snp_guest_msg *req = &snp_dev->secret_request;

	struct snp_guest_msg_hdr *req_hdr = &req->hdr;

	struct snp_guest_msg_hdr *resp_hdr = &resp->hdr;

	struct snp_guest_msg *resp_msg = &snp_dev->secret_response;

	struct snp_guest_msg *req_msg = &snp_dev->secret_request;

	struct snp_guest_msg_hdr *req_msg_hdr = &req_msg->hdr;

	struct snp_guest_msg_hdr *resp_msg_hdr = &resp_msg->hdr;

	pr_debug("response [seqno %lld type %d version %d sz %d]\n",

		 resp_hdr->msg_seqno, resp_hdr->msg_type, resp_hdr->msg_version,

		 resp_hdr->msg_sz);

		 resp_msg_hdr->msg_seqno, resp_msg_hdr->msg_type, resp_msg_hdr->msg_version,

		 resp_msg_hdr->msg_sz);

	/* Copy response from shared memory to encrypted memory. */

	memcpy(resp, snp_dev->response, sizeof(*resp));

	memcpy(resp_msg, snp_dev->response, sizeof(*resp_msg));

	/* Verify that the sequence counter is incremented by 1 */

	if (unlikely(resp_hdr->msg_seqno != (req_hdr->msg_seqno + 1)))

	if (unlikely(resp_msg_hdr->msg_seqno != (req_msg_hdr->msg_seqno + 1)))

		return -EBADMSG;

	/* Verify response message type and version number. */

	if (resp_hdr->msg_type != (req_hdr->msg_type + 1) ||

	    resp_hdr->msg_version != req_hdr->msg_version)

	if (resp_msg_hdr->msg_type != (req_msg_hdr->msg_type + 1) ||

	    resp_msg_hdr->msg_version != req_msg_hdr->msg_version)

		return -EBADMSG;

	/*

	 * If the message size is greater than our buffer length then return

	 * an error.

	 */

	if (unlikely((resp_hdr->msg_sz + crypto->a_len) > sz))

	if (unlikely((resp_msg_hdr->msg_sz + crypto->a_len) > sz))

		return -EBADMSG;

	/* Decrypt the payload */

	return dec_payload(snp_dev, resp, payload, resp_hdr->msg_sz + crypto->a_len);

	return dec_payload(snp_dev, resp_msg, payload, resp_msg_hdr->msg_sz + crypto->a_len);

}

static int enc_payload(struct snp_guest_dev *snp_dev, u64 seqno, int version, u8 type,

			void *payload, size_t sz)

{

	struct snp_guest_msg *req = &snp_dev->secret_request;

	struct snp_guest_msg_hdr *hdr = &req->hdr;

	struct snp_guest_msg *msg = &snp_dev->secret_request;

	struct snp_guest_msg_hdr *hdr = &msg->hdr;

	memset(req, 0, sizeof(*req));

	memset(msg, 0, sizeof(*msg));

	hdr->algo = SNP_AEAD_AES_256_GCM;

	hdr->hdr_version = MSG_HDR_VER;

	pr_debug("request [seqno %lld type %d version %d sz %d]\n",

		 hdr->msg_seqno, hdr->msg_type, hdr->msg_version, hdr->msg_sz);

	return __enc_payload(snp_dev, req, payload, sz);

	return __enc_payload(snp_dev, msg, payload, sz);

}

static int __handle_guest_request(struct snp_guest_dev *snp_dev, u64 exit_code,

static int get_report(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)

{

	struct snp_guest_crypto *crypto = snp_dev->crypto;

	struct snp_report_req *req = &snp_dev->req.report;

	struct snp_report_resp *resp;

	struct snp_report_req *report_req = &snp_dev->req.report;

	struct snp_report_resp *report_resp;

	int rc, resp_len;

	lockdep_assert_held(&snp_cmd_mutex);

	if (!arg->req_data || !arg->resp_data)

		return -EINVAL;

	if (copy_from_user(req, (void __user *)arg->req_data, sizeof(*req)))

	if (copy_from_user(report_req, (void __user *)arg->req_data, sizeof(*report_req)))

		return -EFAULT;

	/*

	 * response payload. Make sure that it has enough space to cover the

	 * authtag.

	 */

	resp_len = sizeof(resp->data) + crypto->a_len;

	resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT);

	if (!resp)

	resp_len = sizeof(report_resp->data) + crypto->a_len;

	report_resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT);

	if (!report_resp)

		return -ENOMEM;

	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,

				  SNP_MSG_REPORT_REQ, req, sizeof(*req), resp->data,

				  resp_len);

	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg, SNP_MSG_REPORT_REQ,

				  report_req, sizeof(*report_req), report_resp->data, resp_len);

	if (rc)

		goto e_free;

	if (copy_to_user((void __user *)arg->resp_data, resp, sizeof(*resp)))

	if (copy_to_user((void __user *)arg->resp_data, report_resp, sizeof(*report_resp)))

		rc = -EFAULT;

e_free:

	kfree(resp);

	kfree(report_resp);

	return rc;

}

static int get_derived_key(struct snp_guest_dev *snp_dev, struct snp_guest_request_ioctl *arg)

{

	struct snp_derived_key_req *req = &snp_dev->req.derived_key;

	struct snp_derived_key_req *derived_key_req = &snp_dev->req.derived_key;

	struct snp_guest_crypto *crypto = snp_dev->crypto;

	struct snp_derived_key_resp resp = {0};

	struct snp_derived_key_resp derived_key_resp = {0};

	int rc, resp_len;

	/* Response data is 64 bytes and max authsize for GCM is 16 bytes. */

	u8 buf[64 + 16];

	 * response payload. Make sure that it has enough space to cover the

	 * authtag.

	 */

	resp_len = sizeof(resp.data) + crypto->a_len;

	resp_len = sizeof(derived_key_resp.data) + crypto->a_len;

	if (sizeof(buf) < resp_len)

		return -ENOMEM;

	if (copy_from_user(req, (void __user *)arg->req_data, sizeof(*req)))

	if (copy_from_user(derived_key_req, (void __user *)arg->req_data,

			   sizeof(*derived_key_req)))

		return -EFAULT;

	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg,

				  SNP_MSG_KEY_REQ, req, sizeof(*req), buf, resp_len);

	rc = handle_guest_request(snp_dev, SVM_VMGEXIT_GUEST_REQUEST, arg, SNP_MSG_KEY_REQ,

				  derived_key_req, sizeof(*derived_key_req), buf, resp_len);

	if (rc)

		return rc;

	memcpy(resp.data, buf, sizeof(resp.data));

	if (copy_to_user((void __user *)arg->resp_data, &resp, sizeof(resp)))

	memcpy(derived_key_resp.data, buf, sizeof(derived_key_resp.data));

	if (copy_to_user((void __user *)arg->resp_data, &derived_key_resp,

			 sizeof(derived_key_resp)))

		rc = -EFAULT;

	/* The response buffer contains the sensitive data, explicitly clear it. */

	memzero_explicit(buf, sizeof(buf));

	memzero_explicit(&resp, sizeof(resp));

	memzero_explicit(&derived_key_resp, sizeof(derived_key_resp));

	return rc;

}

			  struct snp_req_resp *io)

{

	struct snp_ext_report_req *req = &snp_dev->req.ext_report;

	struct snp_ext_report_req *report_req = &snp_dev->req.ext_report;

	struct snp_guest_crypto *crypto = snp_dev->crypto;

	struct snp_report_resp *resp;

	struct snp_report_resp *report_resp;

	int ret, npages = 0, resp_len;

	sockptr_t certs_address;

	if (sockptr_is_null(io->req_data) || sockptr_is_null(io->resp_data))

		return -EINVAL;

	if (copy_from_sockptr(req, io->req_data, sizeof(*req)))

	if (copy_from_sockptr(report_req, io->req_data, sizeof(*report_req)))

		return -EFAULT;

	/* caller does not want certificate data */

	if (!req->certs_len || !req->certs_address)

	if (!report_req->certs_len || !report_req->certs_address)

		goto cmd;

	if (req->certs_len > SEV_FW_BLOB_MAX_SIZE ||

	    !IS_ALIGNED(req->certs_len, PAGE_SIZE))

	if (report_req->certs_len > SEV_FW_BLOB_MAX_SIZE ||

	    !IS_ALIGNED(report_req->certs_len, PAGE_SIZE))

		return -EINVAL;

	if (sockptr_is_kernel(io->resp_data)) {

		certs_address = KERNEL_SOCKPTR((void *)req->certs_address);

		certs_address = KERNEL_SOCKPTR((void *)report_req->certs_address);

	} else {

		certs_address = USER_SOCKPTR((void __user *)req->certs_address);

		if (!access_ok(certs_address.user, req->certs_len))

		certs_address = USER_SOCKPTR((void __user *)report_req->certs_address);

		if (!access_ok(certs_address.user, report_req->certs_len))

			return -EFAULT;

	}

	 * the host. If host does not supply any certs in it, then copy

	 * zeros to indicate that certificate data was not provided.

	 */

	memset(snp_dev->certs_data, 0, req->certs_len);

	npages = req->certs_len >> PAGE_SHIFT;

	memset(snp_dev->certs_data, 0, report_req->certs_len);

	npages = report_req->certs_len >> PAGE_SHIFT;

cmd:

	/*

	 * The intermediate response buffer is used while decrypting the

	 * response payload. Make sure that it has enough space to cover the

	 * authtag.

	 */

	resp_len = sizeof(resp->data) + crypto->a_len;

	resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT);

	if (!resp)

	resp_len = sizeof(report_resp->data) + crypto->a_len;

	report_resp = kzalloc(resp_len, GFP_KERNEL_ACCOUNT);

	if (!report_resp)

		return -ENOMEM;

	snp_dev->input.data_npages = npages;

	ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg,

				   SNP_MSG_REPORT_REQ, &req->data,

				   sizeof(req->data), resp->data, resp_len);

	ret = handle_guest_request(snp_dev, SVM_VMGEXIT_EXT_GUEST_REQUEST, arg, SNP_MSG_REPORT_REQ,

				   &report_req->data, sizeof(report_req->data),

				   report_resp->data, resp_len);

	/* If certs length is invalid then copy the returned length */

	if (arg->vmm_error == SNP_GUEST_VMM_ERR_INVALID_LEN) {

		req->certs_len = snp_dev->input.data_npages << PAGE_SHIFT;

		report_req->certs_len = snp_dev->input.data_npages << PAGE_SHIFT;

		if (copy_to_sockptr(io->req_data, req, sizeof(*req)))

		if (copy_to_sockptr(io->req_data, report_req, sizeof(*report_req)))

			ret = -EFAULT;

	}

	if (ret)

		goto e_free;

	if (npages && copy_to_sockptr(certs_address, snp_dev->certs_data, req->certs_len)) {

	if (npages && copy_to_sockptr(certs_address, snp_dev->certs_data, report_req->certs_len)) {

		ret = -EFAULT;

		goto e_free;

	}

	if (copy_to_sockptr(io->resp_data, resp, sizeof(*resp)))

	if (copy_to_sockptr(io->resp_data, report_resp, sizeof(*report_resp)))

		ret = -EFAULT;

e_free:

	kfree(resp);

	kfree(report_resp);

	return ret;

}