Re: [PATCH v3 03/25] x86/sgx: Wipe out EREMOVE from sgx_free_epc_page()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 22/03/21 21:43, Kai Huang wrote:
That was my recollection as well from previous threads but, to be fair
to Boris, the commit message is a lot more scary (and, which is what
triggers me, puts the blame on KVM).  It just says "KVM does not track
how guest pages are used, which means that SGX virtualization use of
EREMOVE might fail".

I don't see the commit msg being scary.  EREMOVE might fail but virtual EPC code
can handle that.  This is the reason to break out EREMOVE from original
sgx_free_epc_page(), so virtual EPC code can have its own logic of handling
EREMOVE failure.

I should explain what I mean by scary.

What you wrote above, "EREMOVE might fail but virtual EPC code can handle that" sounds fine. But it doesn't say the failure mode, so it's hiding information.

What I would like to have, "EREMOVE might fail and will be leaked, but virtual EPC code will not crash and in any case there are much worse problems waiting to happen" is fine. (It's even better with an explanation of the problems).

Your message however was in the middle: "EREMOVE might fail, virtual EPC code will not crash but the page will be leaked". It gives the failure mode but not how the problem arises, and it is this combination that results in something scary-sounding.

Paolo




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux