On Mon, 22 Mar 2021 20:11:57 +0100 Paolo Bonzini wrote:

> On 22/03/21 19:56, Sean Christopherson wrote:
> > EREMOVE can only fail if there's a kernel or hardware bug (or a VMM bug if
> > running as a guest). IME, nearly every kernel/KVM bug that I introduced that
> > led to EREMOVE failure was also quite fatal to SGX, i.e. this is just the canary
> > in the coal mine.
>
> That was my recollection as well from previous threads but, to be fair
> to Boris, the commit message is a lot more scary (and, which is what
> triggers me, puts the blame on KVM). It just says "KVM does not track
> how guest pages are used, which means that SGX virtualization use of
> EREMOVE might fail".

I don't see the commit msg as being scary. EREMOVE might fail, but the virtual EPC code can handle that. This is the reason to break EREMOVE out of the original sgx_free_epc_page(), so the virtual EPC code can have its own logic for handling EREMOVE failure.
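As an added illustration of the split described above (this is example code written for this page, not the kernel's or KVM's own code): the common free helper stops running EREMOVE, and each caller performs the reset itself with its own failure policy. The enclave-driver path treats any failure as a bug and warns; the virtual EPC path treats SGX_CHILD_PRESENT as expected for a SECS whose children the guest has not torn down yet and retries it in a second pass, leaking the page on any other error. The page pool, the fake eremove(), the SGX error-code values and the two-pass vEPC policy are all assumptions made for the model.

```c
/* Added example (not kernel code): a user-space model of taking EREMOVE out
 * of the common EPC free helper so that the enclave driver and the virtual
 * EPC code each own their failure handling. The page pool, the fake
 * eremove() and the vEPC policy below are assumptions for illustration. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* ENCLS[EREMOVE] error codes (assumption: values from the SGX error table) */
#define SGX_SUCCESS       0
#define SGX_CHILD_PRESENT 13  /* SECS still has child pages */
#define SGX_ENCLAVE_ACT   14  /* enclave has active threads */

#define NPAGES 4

struct epc_page {
    int id;
    struct epc_page *secs;  /* owning SECS; NULL for a SECS page */
    int forced_error;       /* constructed: nonzero scripts a failure */
    bool free;
    bool leaked;
};

static struct epc_page pool[NPAGES];

/* Fake EREMOVE: a SECS cannot be removed while any child is still in use;
 * a scripted error stands in for an unexpected kernel/hardware bug. */
static int eremove(struct epc_page *page)
{
    if (page->forced_error)
        return page->forced_error;
    for (size_t i = 0; i < NPAGES; i++)
        if (!pool[i].free && pool[i].secs == page)
            return SGX_CHILD_PRESENT;
    return SGX_SUCCESS;
}

/* Common free path: only returns the page to the pool. It no longer runs
 * EREMOVE, so it cannot fail; the caller is responsible for the reset. */
static void sgx_free_epc_page(struct epc_page *page)
{
    page->free = true;
}

/* Enclave driver policy: the kernel tracks how its own pages are used, so
 * an EREMOVE failure is a bug. Warn, but still free the page. */
static int encl_free_epc_page(struct epc_page *page)
{
    int ret = eremove(page);
    if (ret != SGX_SUCCESS)
        fprintf(stderr, "WARN: EREMOVE failed on page %d: %d\n", page->id, ret);
    sgx_free_epc_page(page);
    return ret;
}

/* Virtual EPC policy (assumption): the host does not track how the guest
 * uses its pages, so SGX_CHILD_PRESENT is expected and the page is kept for
 * a later pass; any other failure leaks the page rather than recycling a
 * page whose state is unknown. */
static int vepc_free_epc_page(struct epc_page *page)
{
    int ret = eremove(page);
    if (ret == SGX_SUCCESS) {
        sgx_free_epc_page(page);
    } else if (ret != SGX_CHILD_PRESENT) {
        fprintf(stderr, "WARN: EREMOVE failed on vEPC page %d: %d, leaking it\n",
                page->id, ret);
        page->leaked = true;
    }
    return ret;
}

/* Release a whole vEPC: the first pass removes children (and anything with
 * no dependencies), the second pass removes the SECS pages that reported
 * SGX_CHILD_PRESENT. Returns the number of pages returned to the pool. */
static int vepc_release(void)
{
    int freed = 0;
    for (int pass = 0; pass < 2; pass++)
        for (size_t i = 0; i < NPAGES; i++)
            if (!pool[i].free && !pool[i].leaked &&
                vepc_free_epc_page(&pool[i]) == SGX_SUCCESS)
                freed++;
    return freed;
}

static int count_leaked(void)
{
    int n = 0;
    for (size_t i = 0; i < NPAGES; i++)
        n += pool[i].leaked;
    return n;
}

/* Constructed scenario: page 0 is a SECS with children 1 and 2; page 3 is a
 * standalone page scripted to fail with SGX_ENCLAVE_ACT. */
static void setup_pool(void)
{
    for (size_t i = 0; i < NPAGES; i++)
        pool[i] = (struct epc_page){ .id = (int)i };
    pool[1].secs = &pool[0];
    pool[2].secs = &pool[0];
    pool[3].forced_error = SGX_ENCLAVE_ACT;
}

int main(void)
{
    setup_pool();
    printf("vEPC release: %d freed, %d leaked\n", vepc_release(), count_leaked());
    return 0;
}
```

With the constructed pool, vepc_release() frees the two children on the first pass, leaks the scripted-failure page, and frees the SECS on the second pass once it no longer reports SGX_CHILD_PRESENT; encl_free_epc_page() on the same SECS reports the failure and frees the page regardless, which is the "canary" behaviour the thread describes.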