On Fri, 6 Aug 2021 09:31:54 +0200 David Hildenbrand <david@xxxxxxxxxx> wrote: > On 04.08.21 17:40, Claudio Imbrenda wrote: > > When a protected VM is created, the topmost level of page tables of > > its ASCE is marked by the Ultravisor; any attempt to use that > > memory for protected virtualization will result in failure. > > > > Only a successful Destroy Configuration UVC will remove the marking. > > > > When the Destroy Configuration UVC fails, the topmost level of page > > tables of the VM does not get its marking cleared; to avoid issues > > it must not be used again. > > > > Since the page becomes in practice unusable, we set it aside and > > leak it. > > Instead of leaking, can't we add it to some list and try again later? > Or do we only expect permanent errors? once the secure VM has been destroyed unsuccessfully, there is nothing that can be done, this is a permanent error > Also, we really should bail out loud (pr_warn) to tell the admin that > something really nasty is going on. when a destroy secure VM UVC fails, there are already other warnings printed, no need to add one more
