KVM: SEV: Explicitly validate the dst buffer for debug operations

When encrypting/decrypting guest memory, explicitly check that the
destination is non-NULL and doesn't wrap instead of subtly relying on
sev_pin_memory() to perform the check.  This will allow adding and using
a more focused single-page pinning helper.

Link: https://patch.msgid.link/20260501203537.2120074-4-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>

diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
index 00d3bab091d2faeef969b50b36d7bd3b5bd45c02..9e9b8ca2e9f79898fe1bf8c253282b8514987f6a 100644 (file)
--- a/arch/x86/kvm/svm/sev.c
+++ b/arch/x86/kvm/svm/sev.c
@@ -1357,9 +1357,11 @@ static int sev_dbg_crypt(struct kvm *kvm, struct kvm_sev_cmd *argp, bool dec)
        if (copy_from_user(&debug, u64_to_user_ptr(argp->data), sizeof(debug)))
                return -EFAULT;
 
-       if (!debug.len || debug.src_uaddr + debug.len < debug.src_uaddr)
+       if (!debug.len || !debug.src_uaddr || !debug.dst_uaddr)
                return -EINVAL;
-       if (!debug.dst_uaddr)
+
+       if (debug.src_uaddr + debug.len < debug.src_uaddr ||
+           debug.dst_uaddr + debug.len < debug.dst_uaddr)
                return -EINVAL;
 
        vaddr = debug.src_uaddr;