Re: [PATCH] KVM: TDX: Replace kmalloc + copy_from_user with memdup_user in tdx_td_init

Next message: Sean Christopherson: "Re: [PATCH v1] KVM: nVMX: Use vcpu instead of vmx-&gt;vcpu when vcpu is available"
Previous message: Wolfram Sang: "Re: [RFC PATCH] reset: always bail out on missing RESET_GPIO driver"
In reply to: Thorsten Blum: "Re: [PATCH] KVM: TDX: Replace kmalloc + copy_from_user with memdup_user in tdx_td_init"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sean Christopherson

Date: Wed Oct 15 2025 - 14:09:51 EST

On Tue, 16 Sep 2025 23:31:29 +0200, Thorsten Blum wrote:
> Use get_user() to retrieve the number of entries instead of allocating
> memory for 'init_vm' with the maximum size, copying 'cmd->data' to it,
> only to then read the actual entry count 'cpuid.nent' from the copy.
>
> Return -E2BIG early if 'nr_user_entries' exceeds KVM_MAX_CPUID_ENTRIES.
>
> Use memdup_user() to allocate just enough memory to fit all entries and
> to copy 'cmd->data' from userspace. Use struct_size() instead of
> manually calculating the number of bytes to allocate and copy.
>
> [...]

Applied to kvm-x86 vmx, with the aforementioned tweaks. Thanks!

[1/1] KVM: TDX: Replace kmalloc + copy_from_user with memdup_user in tdx_td_init
https://github.com/kvm-x86/linux/commit/0bd0a4a1428b

--
https://github.com/kvm-x86/linux/tree/next