On Tue, Nov 15, 2022 at 02:47:31PM -0700, Peter Gonda wrote: > > > + * certificate data buffer retry the same guest request without the > > > + * extended data request. > > > + */ > > > + if (exit_code == SVM_VMGEXIT_EXT_GUEST_REQUEST && > > > + err == SNP_GUEST_REQ_INVALID_LEN) { > > > + const unsigned int certs_npages = snp_dev->input.data_npages; > > > + > > > + exit_code = SVM_VMGEXIT_GUEST_REQUEST; > > > + rc = snp_issue_guest_request(exit_code, &snp_dev->input, &err); > > > + > > > + err = SNP_GUEST_REQ_INVALID_LEN; > > > > Huh, why are we overwriting err here? > > I have added a comment for the next revision. > > We are overwriting err here so that userspace is alerted that they > supplied a buffer too small. Sure but you're not checking rc either. What if that reissue fails for whatever other reason? -EIO for example... -- Regards/Gruss, Boris. SUSE Software Solutions Germany GmbH GF: Ivo Totev, Andrew Myers, Andrew McDonald, Martje Boudien Moerman (HRB 36809, AG Nürnberg)