| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BL1PR11MB5978299D3FE0EA6DA0DAD0AEF7322@BL1PR11MB5978.namprd11.prod.outlook.com> Date: Sat, 7 Dec 2024 00:00:07 +0000 From: "Huang, Kai" <kai.huang@...el.com> To: "Hansen, Dave" <dave.hansen@...el.com>, "Li, Xiaoyao" <xiaoyao.li@...el.com>, "pbonzini@...hat.com" <pbonzini@...hat.com>, "seanjc@...gle.com" <seanjc@...gle.com>, "Edgecombe, Rick P" <rick.p.edgecombe@...el.com> CC: "kvm@...r.kernel.org" <kvm@...r.kernel.org>, "Chatre, Reinette" <reinette.chatre@...el.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "Zhao, Yan Y" <yan.y.zhao@...el.com>, "isaku.yamahata@...il.com" <isaku.yamahata@...il.com>, "tony.lindgren@...ux.intel.com" <tony.lindgren@...ux.intel.com> Subject: RE: [PATCH v2 03/25] x86/virt/tdx: Read essential global metadata for KVM > On 12/6/24 08:13, Huang, Kai wrote: > > It is not safe. We need to check > > > > sysinfo_td_conf->num_cpuid_config <= 32. > > > > If the TDX module version is not matched with the json file that was > > used to generate the tdx_global_metadata.h, the num_cpuid_config > > reported by the actual TDX module might exceed 32 which causes > > out-of-bound array access. > > The JSON *IS* the ABI description. It can't change between versions of the > TDX module. It can only be extended. The "32" is not in the spec because the > spec refers to the JSON! Ah, yeah, agreed, the "spec refers to the JSON". :-)
Powered by blists - more mailing lists