From: Jason Gunthorpe <[email protected]> Sent: Tuesday, July 14, 2026 5:25 AM
> 
> On Tue, Jul 14, 2026 at 09:32:27AM +0530, Aneesh Kumar K.V wrote:
> 
> > If we want to warn about such failures, we should add the warning
> > consistently across the code. We may also want to handle decrypt
> > failures by encrypting the page again to avoid leaking it.
> >
> > I will work on that as a tree-wide change in a separate patch.
> 
> IMHO the WARN should be inside set_memory_encrypted(), and maybe it
> should be a BUG_ON...

There was a discussion about this a while back. The decision was
to embed the WARNs,  and that callers should not output any error
messages upon failure.

The x86 implementation of set_memory_decrypted() and
set_memory_encrypted() has an embedded WARN_ON_ONCE()
that triggers on a failure. The arm64 realm encrypt/decrypt ops also
have an embedded WARN().

The pkvm encrypt/decrypt ops do not, so that's maybe where it should
be added.

Michael

Reply via email to