On Mon, 2024-04-22 at 12:50 -0700, Sean Christopherson wrote:
> The kernel already does panic() if TDCALL itself fails,
>
> static inline void tdcall(u64 fn, struct tdx_module_args *args)
> {
> if (__tdcall_ret(fn, args))
> panic("TDCALL %lld failed (Buggy TDX module!)\n", fn);
> }
>
> /* Called from __tdx_hypercall() for unrecoverable failure */
> noinstr void __noreturn __tdx_hypercall_failed(void)
> {
> instrumentation_begin();
> panic("TDVMCALL failed. TDX module bug?");
> }
>
> it's just doesn in C code via panic(), not in asm via a bare ud2.
Hmm, I didn't realize. It looks like today some calls do and some don't. I don't
mean to reopen old debates. Just surprised that these are able to bring down the
system. Which funnily enough connects back to the original issue of the patch:
whether they are safe to export for module use.
