Re: [PATCH] x86/mm/cpa: Warn if set_memory_XXcrypted() fails

[Tom Lendacky]

On 10/25/23 20:45, Edgecombe, Rick P wrote:
> On Wed, 2023-10-25 at 13:03 -0500, Tom Lendacky wrote:
> > Reviewed-by: Tom Lendacky <thomas.lendacky@xxxxxxx>
>
> Thanks!
> > >
> >
> > Under SEV, when making a page private/encrypted and the hypervisor
> > does
> > not assign the page to the guest (encrypted), but says it did, then
> > when
> > SEV tries to perform the PVALIDATE in the enc_status_change_finish()
> > call,
> > a nested page fault (#NPF) will be generated and exit to the
> > hypervisor.
> > Until the hypervisor assigns the page to the guest, the guest will
> > not be
> > able to make forward progress in regards to updating or using that
> > page.
>
> Yea, mismatches between guest page tables and EPT/NPT can be trouble
> for TDX as well.
>
> > And if the hypervisor returns an error when changing the page state,
> > then,
> > yes, the guest will terminate.
>
> I guess those callbacks could be changed to return an error after all
> these fixes then, if you want.

Probably not necessary as we will want to terminate the guest in these 
situations and having it here in this one area is easier than checking all 
of the call sites.

Thanks,
Tom