RE: [PATCH][v4] virt: tdx-guest: Don't free decrypted memory

From: Li,Rongqing
Date: Wed Jul 03 2024 - 21:01:46 EST

Next message: Daejun Park: "[PATCH] f2fs: fix null reference error when checking end of zone"
Previous message: Tengfei Fan: "Re: [PATCH 00/47] arm64: qcom: dts: add QCS9100 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> In CoCo VMs it is possible for the untrusted host to cause
> set_memory_decrypted() to fail such that an error is returned and the resulting
> memory is shared. Callers need to take care to handle these errors to avoid
> returning decrypted (shared) memory to the page allocator, which could lead to
> functional or security issues.
>
> Leak the decrypted memory when set_memory_decrypted() fails, and don't
> need to print an error since set_memory_decrypted() will call WARN_ONCE().
>
> Reviewed-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
> Reviewed-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> Signed-off-by: Li RongQing <lirongqing@xxxxxxxxx>
> ---

Ping

Thank

-LiRongQing

Next message: Daejun Park: "[PATCH] f2fs: fix null reference error when checking end of zone"
Previous message: Tengfei Fan: "Re: [PATCH 00/47] arm64: qcom: dts: add QCS9100 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]