Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler

From: Tom Lendacky
Date: Tue Apr 14 2020 - 16:17:32 EST




On 4/14/20 3:12 PM, Dave Hansen wrote:
On 4/14/20 1:04 PM, Tom Lendacky wrote:
set_memory_decrypted needs to check the return value. I see it
consistently return ENOMEM. I've traced that back to split_large_page
in arch/x86/mm/pat/set_memory.c.

At that point the guest won't be able to communicate with the
hypervisor, too. Maybe we should BUG() here to terminate further
processing?

Escalating an -ENOMEM into a crashed kernel seems a bit extreme.
Granted, the guest may be in an unrecoverable state, but the host
doesn't need to be too.


The host wouldn't be. This only happens in a guest, so it would be just causing the guest kernel to panic early in the boot.

Thanks,
Tom