On 4/26/19 3:43 PM, Borislav Petkov wrote: > On Fri, Apr 26, 2019 at 02:29:31PM +0000, Singh, Brijesh wrote: >> Yes that's doable but I am afraid that caching the value may lead us to >> wrong path and also divergence from the SEV API spec. The spec says the >> returned length is a minimum length but its possible that caller can >> give a bigger buffer and FW will still work with it. > > Does the caller even have a valid reason to give a bigger buffer len? > Practically I don't see any reason why caller would do that but theoretically it can. If we cache the len then we also need to consider adding another flag to hint whether userspace ever requested length. e.g an application can compute the length of session blob by looking at the API version and spec and may never query the length. > I mean I'm still thinking defensively here but maybe the only thing that > would happen here with a bigger buffer is if the kmalloc() would fail, > leading to eventual failure of the migration. > > If the code limits the allocation to some sane max length, the migration > won't fail even if userspace gives it too big values... >