Re: [PATCH] KVM: x86: TDX: Use validated CPUID entry count for TD init
From: Binbin Wu
Date: Wed Jul 08 2026 - 21:51:09 EST
On 7/9/2026 12:20 AM, Edgecombe, Rick P wrote:
> On Wed, 2026-07-08 at 17:04 +0800, Binbin Wu wrote:
>>> Maybe it would be better to check for a mismatch and return -EINVAL?
>>>
>>> if (init_vm->cpuid.nent != nr_user_entries) {
>>> ret = -EINVAL;
>>> goto out;
>>> }
>>>
>>> That would make the mismatch explicit instead of silently accepting an
>>> inconsistent userspace snapshot.
>>
>> I chose to use the snapshot value to follow KVM_SET_CPUID2's style.
>> KVM_SET_CPUID2 kind of uses the snapshot value of entry count.
>>
>> But returning a error code is OK for me.
>> Let's wait and see what others prefer.
>
> It does seem safer to reject input than have some implicit behavior.
Yea, had a second thought.
If there is a mismatch, the userspace is probably malicious.
It's safer to reject the request when the userspace is suspicious.
Will send v2 to reject the request for the case.