Re: [PATCH v8 06/11] x86/traps: Add #VE support for TDX guest

[Kuppuswamy, Sathyanarayanan]

On 10/7/21 10:06 AM, Borislav Petkov wrote:
> Same question as before - why do you need to clear this @out thing above
> when __tdx_module_call() will overwrite it?

Now checking again, I think we don't to initialize the @out pointer. I will
fix this in call cases.

But for tdx_get_ve_info() case, we are updating the @ve pointer without
checking the tdcall return value and __tdx_module_call() will update the
@out only if tdcall is successful. Currently due to @out=0 initialization,
this logic does not cause any issue. But to properly fix it, I need to
check for tdcall return value before updating the @ve value.

> What you should do instead is check that @ve pointer which you get
> passed in - it might be NULL.

Current use case of tdx_get_ve_info() can never be NULL. But if you
want to add this check for possible future issues, I can do it.

arch/x86/kernel/traps.c:1205:	ret = tdx_get_ve_info(&ve);
arch/x86/kernel/tdx.c:945:	if (tdx_get_ve_info(&ve))


--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer