Re: [PATCH v2] virt: tdx-guest: Add Quote generation support using TSM_REPORTS

From: Kuppuswamy Sathyanarayanan
Date: Wed Sep 20 2023 - 14:08:53 EST

Next message: Alexander Lobakin: "[PATCH net-next 0/3] net/intel: fix link-time undefined reference errors"
Previous message: Rob Clark: "[PATCH] drm/ci: Uprev IGT to pull in fixes"
In reply to: Kirill A . Shutemov: "Re: [PATCH v2] virt: tdx-guest: Add Quote generation support using TSM_REPORTS"
Next in thread: Dave Hansen: "Re: [PATCH v2] virt: tdx-guest: Add Quote generation support using TSM_REPORTS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 9/20/2023 10:52 AM, Kirill A . Shutemov wrote:
> On Wed, Sep 20, 2023 at 08:27:39AM -0700, Kuppuswamy Sathyanarayanan wrote:
>>
>>
>> On 9/20/2023 6:16 AM, Kirill A . Shutemov wrote:
>>>> +static u8 *tdx_report_new(const struct tsm_desc *desc, void *data, size_t *outblob_len)
>>>> +{
>>>> + struct tdx_quote_buf *quote_buf = quote_data;
>>>> + int ret;
>>>> + u8 *buf;
>>>> + u64 err;
>>>> +
>>>> + if (mutex_lock_interruptible(&quote_lock))
>>>> + return ERR_PTR(-EINTR);
>>>> +
>>>> + /*
>>>> + * If the previous request is timedout or interrupted, and the
>>>> + * Quote buf status is still in GET_QUOTE_IN_FLIGHT (owned by
>>>> + * VMM), don't permit any new request.
>>>> + */
>>>> + if (quote_buf->status == GET_QUOTE_IN_FLIGHT) {
>>>> + ret = -EBUSY;
>>>> + goto done;
>>>> + }
>>>> +
>>>> + if (desc->inblob_len != TDX_REPORTDATA_LEN) {
>>>> + ret = -EINVAL;
>>>> + goto done;
>>>> + }
>>>> +
>>>> + /* TDX attestation only supports default format request */
>>>> + if (desc->outblob_format != TSM_FORMAT_DEFAULT) {
>>>> + ret = -EINVAL;
>>>> + goto done;
>>>> + }
>>>> +
>>>> + u8 *reportdata __free(kfree) = kmalloc(TDX_REPORTDATA_LEN, GFP_KERNEL);
>>> __free() is new to me. Good to know.
>>>
>>> But are we okay now with declaring variables in the middle of the
>>> function? Any reason we can't do at the top?
>>
>> Declaring variables at the top is no longer a hard requirement. The main reason
>> for declaring it here is to use __free cleanup function. If we use top
>> declaration, then we have free it manually.
>
> What's wrong with allocating it it there too?

My thinking is to allocate it when we really need it. We only need this memory if the
GetQuote hypercall is successful. We can also allocate it at the top and there is
nothing wrong with it, but it will not be used in failure cases. Since top declarations
are not a requirement, why allocate it early?

>

--
Sathyanarayanan Kuppuswamy
Linux Kernel Developer

Next message: Alexander Lobakin: "[PATCH net-next 0/3] net/intel: fix link-time undefined reference errors"
Previous message: Rob Clark: "[PATCH] drm/ci: Uprev IGT to pull in fixes"
In reply to: Kirill A . Shutemov: "Re: [PATCH v2] virt: tdx-guest: Add Quote generation support using TSM_REPORTS"
Next in thread: Dave Hansen: "Re: [PATCH v2] virt: tdx-guest: Add Quote generation support using TSM_REPORTS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]