On Thu, Feb 06, 2020 at 06:15:50PM +0200, Jarkko Sakkinen wrote: > WARN_ONCE() can trigger after kexec() on systems with multiple EPC > sections. This can happen when an enclave has a SECS page in some section > and child pages in a section processed after the section containing the > SECS page. CPU does not allow to remove SECS before all of its children > have been removed. > > Fix this by removing the tail from sgx_sanitize_section() and iterate > sections in two rounds by calling the resulting function. > > Finally, report to the user space only after all processing has been > done and not in the middle of processing as before. This improves the > quality of reporting as kernel can tell how many unsanitized pages in > each section was left unprocessed. > > Cc: x86@xxxxxxxxxx > Reported-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> Merged. /Jarkko
