@@ -710,7 +710,8 @@ int arch_memory_failure(unsigned long pfn, int flags)
struct sgx_epc_page *page = sgx_paddr_to_page(pfn << PAGE_SHIFT);
struct sgx_epc_section *section;
struct sgx_numa_node *node;
- struct sgx_vepc_page *owner;
+ struct sgx_encl_page *owner;
+ unsigned long vaddr;
int ret = 0;
/*
@@ -729,14 +730,17 @@ int arch_memory_failure(unsigned long pfn, int flags)
* enclave is broken.
*/
if (flags & MF_ACTION_REQUIRED) {
- /*
- * In case the error memory is accessed by VM guest, provide
- * extra info for hypervisor to make further decision but not
- * simply kill it.
- */
- if (page->flags & SGX_EPC_PAGE_IS_VEPC) {
- owner = (struct sgx_vepc_page *)page->owner;
- ret = force_sig_mceerr(BUS_MCEERR_AR, (void __user *)owner->vaddr,
+ owner = page->owner;
+ if (owner) {
+ /*
+ * Provide extra info to the task so that it can make further
+ * decision but not simply kill it.
+ */
+ if (page->flags & SGX_EPC_PAGE_IS_VEPC)
+ vaddr = ((struct sgx_vepc_page *)owner)->vaddr;
+ else
+ vaddr = owner->desc & PAGE_MASK;
+ ret = force_sig_mceerr(BUS_MCEERR_AR, (void __user *)vaddr,
PAGE_SHIFT);
if (ret < 0)
pr_err("Memory failure: Error sending signal to %s:%d: %d\n",
When the application accesses a SGX EPC page with memory failure, the task will receive a SIGBUS signal without any extra info, unless the EPC page has SGX_EPC_PAGE_IS_VEPC flag. However, in some cases, we only use SGX in sub-task and we don’t expect the entire task group be killed due to a SGX EPC page for a sub-task has memory failure. To fix it, we extend the solution for normal case. That is, the SGX regular EPC page with memory failure will trigger a SIGBUS signal with code BUS_MCEERR_AR and additional info, so that the user has opportunity to make further decision. Signed-off-by: Zhiquan Li <zhiquan1.li@intel.com> --- arch/x86/kernel/cpu/sgx/main.c | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-)