On Tue, Sep 13, 2022 at 10:53:30PM +0800, Zhiquan Li wrote: > Today, if a guest accesses an SGX EPC page with memory failure, > the kernel behavior will kill the entire guest. This blast > radius is too large. It would be idea to kill only the SGX > application inside the guest. > > To fix this, send a SIGBUS to host userspace (like QEMU) which can > follow up by injecting a #MC to the guest. > > SGX virtual EPC driver doesn't explicitly prevent virtual EPC instance > being shared by multiple VMs via fork(). However KVM doesn't support > running a VM across multiple mm structures, and the de facto userspace > hypervisor (Qemu) doesn't use fork() to create a new VM, so in practice > this should not happen. > > Signed-off-by: Zhiquan Li <zhiquan1.li@xxxxxxxxx> > Acked-by: Kai Huang <kai.huang@xxxxxxxxx> > Link: https://lore.kernel.org/linux-sgx/443cb425-009c-2784-56f4-5e707122de76@xxxxxxxxx/T/#m1d1f4098f4fad78034e8706a60e4d79c119db407 > Reviewed-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx> > Acked-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx> ditto BR, Jarkko
