| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Yxl+PE4A+WUfQ7bl@kroah.com>
Date: Thu, 8 Sep 2022 07:31:40 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Kuppuswamy Sathyanarayanan
<sathyanarayanan.kuppuswamy@...ux.intel.com>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org,
Shuah Khan <shuah@...nel.org>,
"H . Peter Anvin" <hpa@...or.com>,
"Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
Tony Luck <tony.luck@...el.com>,
Andi Kleen <ak@...ux.intel.com>,
Kai Huang <kai.huang@...el.com>,
Wander Lairson Costa <wander@...hat.com>,
Isaku Yamahata <isaku.yamahata@...il.com>,
marcelo.cerri@...onical.com, tim.gardner@...onical.com,
khalid.elmously@...onical.com, philip.cox@...onical.com,
linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org,
linux-doc@...r.kernel.org
Subject: Re: [PATCH v12 1/3] x86/tdx: Add TDX Guest attestation interface
driver
On Wed, Sep 07, 2022 at 05:27:20PM -0700, Kuppuswamy Sathyanarayanan wrote:
> + /*
> + * Per TDX Module 1.0 specification, section titled
> + * "TDG.MR.REPORT", REPORTDATA length is fixed as
> + * TDX_REPORTDATA_LEN, TDREPORT length is fixed as
> + * TDX_REPORT_LEN, and TDREPORT subtype is fixed as
> + * 0. Also check for valid user pointers.
> + */
> + if (!req.reportdata || !req.tdreport || req.subtype ||
> + req.rpd_len != TDX_REPORTDATA_LEN ||
> + req.tdr_len != TDX_REPORT_LEN)
> + return -EINVAL;
You never verify that your reserved[7] fields are actually set to 0,
which means you can never use them in the future :(
Please fix that up, thanks.
greg k-h
Powered by blists - more mailing lists