summaryrefslogtreecommitdiff
path: root/rust/helpers/security.c
diff options
context:
space:
mode:
authorSean Christopherson <seanjc@google.com>2025-07-14 15:19:28 -0700
committerSean Christopherson <seanjc@google.com>2025-07-15 14:04:39 -0700
commitb8be70ec2b47ca62ccb54dc3c2ab9a9c93653e00 (patch)
tree309be5ae2034d5ee792bb3f894d0962196d1eea1 /rust/helpers/security.c
parentb24bbb534c2da4a9a99a23525e9c24a0be7ec6f4 (diff)
KVM: VMX: Ensure unused kvm_tdx_capabilities fields are zeroed out
Zero-allocate the kernel's kvm_tdx_capabilities structure and copy only the number of CPUID entries from the userspace structure. As is, KVM doesn't ensure kernel_tdvmcallinfo_1_{r11,r12} and user_tdvmcallinfo_1_r12 are zeroed, i.e. KVM will reflect whatever happens to be in the userspace structure back at userspace, and thus may report garbage to userspace. Zeroing the entire kernel structure also provides better semantics for the reserved field. E.g. if KVM extends kvm_tdx_capabilities to enumerate new information by repurposing bytes from the reserved field, userspace would be required to zero the new field in order to get useful information back (because older KVMs without support for the repurposed field would report garbage, a la the aforementioned tdvmcallinfo bugs). Fixes: 61bb28279623 ("KVM: TDX: Get system-wide info about TDX module on initialization") Suggested-by: Rick Edgecombe <rick.p.edgecombe@intel.com> Reported-by: Xiaoyao Li <xiaoyao.li@intel.com> Closes: https://lore.kernel.org/all/3ef581f1-1ff1-4b99-b216-b316f6415318@intel.com Tested-by: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: Xiaoyao Li <xiaoyao.li@intel.com> Reviewed-by: Rick Edgecombe <rick.p.edgecombe@intel.com> Link: https://lore.kernel.org/r/20250714221928.1788095-1-seanjc@google.com Signed-off-by: Sean Christopherson <seanjc@google.com>
Diffstat (limited to 'rust/helpers/security.c')
0 files changed, 0 insertions, 0 deletions