From: Rick Edgecombe Sent: Wednesday, February 21,
2024 6:10 PM
>
See comment in Patch 1 about the "Subject" prefix.
> On TDX it is possible for the untrusted host to cause
See comment in Patch 1 about TDX vs. CoCo VM.
> set_memory_encrypted() or set_memory_decrypted() to fail such that an
On TDX it is possible for the untrusted host to cause
set_memory_encrypted() or set_memory_decrypted() to fail such that an
error is returned and the resulting memory is shared. Callers need to take
care to handle these errors to avoid returning decrypted (shared) memory to
the page allocator,
