Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler

From: Tom Lendacky
Date: Tue Apr 14 2020 - 16:17:32 EST

Next message: Daniel Borkmann: "Re: [PATCH-next] bpf: Verifier, remove unneeded conversion to bool"
Previous message: Jeff Layton: "Re: What's a good default TTL for DNS keys in the kernel"
In reply to: Dave Hansen: "Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler"
Next in thread: Tom Lendacky: "Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/14/20 3:12 PM, Dave Hansen wrote:

On 4/14/20 1:04 PM, Tom Lendacky wrote:

set_memory_decrypted needs to check the return value. I see it
consistently return ENOMEM. I've traced that back to split_large_page
in arch/x86/mm/pat/set_memory.c.

At that point the guest won't be able to communicate with the
hypervisor, too. Maybe we should BUG() here to terminate further
processing?

Escalating an -ENOMEM into a crashed kernel seems a bit extreme.
Granted, the guest may be in an unrecoverable state, but the host
doesn't need to be too.

The host wouldn't be. This only happens in a guest, so it would be just causing the guest kernel to panic early in the boot.

Thanks,
Tom

Next message: Daniel Borkmann: "Re: [PATCH-next] bpf: Verifier, remove unneeded conversion to bool"
Previous message: Jeff Layton: "Re: What's a good default TTL for DNS keys in the kernel"
In reply to: Dave Hansen: "Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler"
Next in thread: Tom Lendacky: "Re: [PATCH 40/70] x86/sev-es: Setup per-cpu GHCBs for the runtime handler"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]