On 10/23/23 09:47, Michael Kelley (LINUX) wrote: > For paranoid CoCo VM users, using panic_on_warn=1 seems workable. > However, with current code and this patch series, it's possible have > set_memory_decrypted() return an error and have set_memory_encrypted() > fix things up as best it can without generating any warnings. It seems > like we need a WARN or some equivalent mechanism if either of these > fails, so that CoCo VMs can panic if they don't want to run with any > inconsistencies (again, assuming the host isn't malicious). Adding a warning to the fixup path in set_memory_encrypted() would be totally fine with me.
