> On 12/6/24 08:13, Huang, Kai wrote: > > It is not safe. We need to check > > > > sysinfo_td_conf->num_cpuid_config <= 32. > > > > If the TDX module version is not matched with the json file that was > > used to generate the tdx_global_metadata.h, the num_cpuid_config > > reported by the actual TDX module might exceed 32 which causes > > out-of-bound array access. > > The JSON *IS* the ABI description. It can't change between versions of the > TDX module. It can only be extended. The "32" is not in the spec because the > spec refers to the JSON! Ah, yeah, agreed, the "spec refers to the JSON". :-)
