答复: [PATCH][v4] virt: tdx-guest: Don't free decrypted memory

From: Li,Rongqing
Date: Wed Nov 27 2024 - 01:25:48 EST

Next message: Christoph Hellwig: "Re: [RFC PATCH 1/1] block/ioctl: Add an ioctl to enable large folios for block buffered IO path"
Previous message: Kartik Rajput: "[PATCH] mailbox: tegra-hsp: Clear mailbox before using message"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > In CoCo VMs it is possible for the untrusted host to cause
> > set_memory_decrypted() to fail such that an error is returned and the
> > resulting memory is shared. Callers need to take care to handle these
> > errors to avoid returning decrypted (shared) memory to the page
> > allocator, which could lead to functional or security issues.
> >
> > Leak the decrypted memory when set_memory_decrypted() fails, and don't
> > need to print an error since set_memory_decrypted() will call WARN_ONCE().
> >
> > Reviewed-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
> > Reviewed-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> > Signed-off-by: Li RongQing <lirongqing@xxxxxxxxx>
> > ---
>
>
> Ping

Ping

Next message: Christoph Hellwig: "Re: [RFC PATCH 1/1] block/ioctl: Add an ioctl to enable large folios for block buffered IO path"
Previous message: Kartik Rajput: "[PATCH] mailbox: tegra-hsp: Clear mailbox before using message"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]