On Tue, Mar 23, 2021, Paolo Bonzini wrote:
> On 23/03/21 18:02, Sean Christopherson wrote:
> > > That's important, but it's even more important *to developers* that the
> > > commit message spells out why this would be a kernel bug more often than
> > > not. I for one do not understand it, and I suspect I'm not alone.
> > >
> > > Maybe (optimistically) once we see that explanation we decide that the
> > > documentation is not important. Sean, Kai, can you explain it?
> >
> > Thought of a good analogy that can be used for the changelog and/or docs:
> >
> > This is effectively a kernel use-after-free of EPC, and due to the way SGX works,
> > the bug is detected at freeing. Rather than add the page back to the pool of
> > available EPC, the kernel intentionally leaks the page to avoid additional
> > errors in the future.
> >
> > Does that help?
>
> Very much, and for me this also settles the question of documentation.
> Borislav or Kai, can you add it to the commit message?

One last thought. This error/WARN doesn't guarantee that a conflict hasn't already occurred, e.g. the EPC page was prematurely put back on the list and already handed out to a second enclave. In that case there will undoubtedly be a slew of WARNs/errors leading up to this one; I just wanted to clarify that intentionally leaking the page doesn't magically cure _all_ use-after-free or double-use bugs.