On 22/03/21 19:56, Sean Christopherson wrote:
EREMOVE can only fail if there's a kernel or hardware bug (or a VMM bug if running as a guest). IME, nearly every kernel/KVM bug that I introduced that led to EREMOVE failure was also quite fatal to SGX, i.e. this is just the canary in the coal mine.
That was my recollection as well from previous threads but, to be fair to Boris, the commit message is a lot more scary (and, which is what triggers me, puts the blame on KVM). It just says "KVM does not track how guest pages are used, which means that SGX virtualization use of EREMOVE might fail".
Paolo
