On 2/8/22 1:56 AM, Dov Murik wrote: ...
Just to be clear, I didn't mean necessarily "leak the key to the untrusted host" (even if a page is converted back from private to shared, it is encrypted, so the host can't read its contents). But even *inside* the guest, when dealing with sensitive data like keys, we should minimize the amount of copies that float around (I assume this is the reason for most of the uses of memzero_explicit() in the kernel).
Yap, I agree with your point and will keep the memzero_explicit().

-Brijesh