Hi, On 9/7/22 10:31 PM, Greg Kroah-Hartman wrote: > On Wed, Sep 07, 2022 at 05:27:20PM -0700, Kuppuswamy Sathyanarayanan wrote: >> + /* >> + * Per TDX Module 1.0 specification, section titled >> + * "TDG.MR.REPORT", REPORTDATA length is fixed as >> + * TDX_REPORTDATA_LEN, TDREPORT length is fixed as >> + * TDX_REPORT_LEN, and TDREPORT subtype is fixed as >> + * 0. Also check for valid user pointers. >> + */ >> + if (!req.reportdata || !req.tdreport || req.subtype || >> + req.rpd_len != TDX_REPORTDATA_LEN || >> + req.tdr_len != TDX_REPORT_LEN) >> + return -EINVAL; > > You never verify that your reserved[7] fields are actually set to 0, > which means you can never use them in the future :( Currently, we don't use those fields in our code. Why do we have to make sure they are set to zero? Can't we add checks when we really use them in future? If your suggestion is to define allowed values of these fields for user, we can add some help in structure definition of "tdx_report_req" in arch/x86/include/uapi/asm/tdx.h > > Please fix that up, thanks. > > greg k-h -- Sathyanarayanan Kuppuswamy Linux Kernel Developer