Re: [PATCH V4 0/1] KVM: TDX: Decrease TDX VM shutdown time

[Xiaoyao Li]

On 7/12/2025 7:17 AM, Edgecombe, Rick P wrote:
> On Fri, 2025-07-11 at 16:05 -0700, Sean Christopherson wrote:
> > > Zero the reserved area in struct kvm_tdx_capabilities so that fields added
> > > in
> > > the reserved area won't disturb any userspace that previously had garbage
> > > there.
> >
> > It's not only about disturbing userspace, it's also about actually being able
> > to repurpose the reserved fields in the future without needing *another* flag
> > to tell userspace that it's ok to read the previously-reserved fields.  I care
> > about this much more than I care about userspace using reserved fields as
> > scratch space.
>
> If, before calling KVM_TDX_CAPABILITIES, userspace zeros the new field that it
> knows about, but isn't sure if the kernel does, it's the same no?
>
> Did you see that the way KVM_TDX_CAPABILITIES is implemented today is a little
> weird? It actually copies the whole struct kvm_tdx_capabilities from userspace
> and then sets some fields (not reserved) and then copies it back. So userspace
> can zero any fields it wants to know about before calling KVM_TDX_CAPABILITIES.
> Then it could know the same things as if the kernel zeroed it.
>
> I was actually wondering if we want to change the kernel to zero reserved, if it
> might make more sense to just copy caps->cpuid.nent field from userspace, and
> then populate the whole thing starting from a zero'd buffer in the kernel.

+1 to zero the whole buffer of *caps in the kernel.

current code seems to have issue on the 
caps->kernel_tdvmcallinfo_1_r11/kernel_tdvmcallinfo_1_r12/user_tdvmcallinfo_1_r12, 
as KVM cannot guarantee zero'ed value are returned to userspace.