summaryrefslogtreecommitdiff
path: root/scripts/patch-kernel
diff options
context:
space:
mode:
authorSean Christopherson <seanjc@google.com>2026-05-09 15:56:34 +0800
committerSean Christopherson <seanjc@google.com>2026-05-27 17:19:16 -0700
commit28c77a0378044b96f9c82cdd889872ab88191857 (patch)
tree702cf82d26c85d983039a06f4b47a83b37480661 /scripts/patch-kernel
parentc1ec7f368d85329ab25407a0b9cf0ec99ff15e22 (diff)
KVM: x86/tdp_mmu: Centrally propagate to-present/atomic zap updates to external PTEs
Move propagation of to-present changes and atomic zap changes to external PTEs from function __tdp_mmu_set_spte_atomic() to function __handle_changed_spte(), which centrally handles changes of SPTEs. When setting a PTE to present in the mirror page tables, the update needs to be propagated to the external page tables (in TDX parlance, the S-EPT). Today this is handled by special mirror page tables logic/branching in __tdp_mmu_set_spte_atomic(), which is the only place where present PTEs are set for TDX. The current approach obviously works, but is a bit hacked on. The hook for setting present leaf PTEs is added only where TDX happens to need it. For example, TDX does not support any of the operations that use the non-atomic variant, tdp_mmu_set_spte(), to set present PTEs. Since the hook is missing there, it is very hard to understand the code from a non-TDX lens. If the reader doesn't know the TDX specifics it could look like the external SPTE update is missing. In addition to being confusing, it also litters the TDP MMU with "external" update callbacks. This is especially unfortunate because there is already a central place to react to TDP updates, handle_changed_spte(). Begin the process of moving towards a model where all mirror page table updates are forwarded to TDX code where the TDX-specific logic can live with a more proper separation of concerns. Do this by adding a helper __handle_changed_spte() and teaching it how to return error codes, such that it can propagate the failures that may come from TDX external page table updates. Make the original handle_changed_spte() a no-fail version of __handle_changed_spte(), so it handles no-fail changes which are under exclusive mmu_lock or under the no-fail path handle_removed_pt(), triggering KVM_BUG_ON() on error returns. Instead of having __tdp_mmu_set_spte_atomic() do the frozen mirror SPTE dance and trigger propagation to external PTEs, make __tdp_mmu_set_spte_atomic() a simple helper of try_cmpxchg64() and hoist the frozen mirror SPTE dance up a level to tdp_mmu_set_spte_atomic(). Then, the propagation of changes to present to the external PTEs can be centralized to __handle_changed_spte(). Aging external SPTEs is not yet supported for the mirror page table, so just warn on mirror usage in kvm_tdp_mmu_age_spte() and invoke __tdp_mmu_set_spte_atomic() directly without frozen dance. No need to warn on installing FROZEN_SPTE as a long-term value in kvm_tdp_mmu_age_spte() since removing accessed bit is mutually exclusive with installing FROZEN_SPTE (FROZEN_SPTE is with accessed bit in all x86 platforms). Since tdp_mmu_set_spte_atomic() can also be invoked to atomically zap SPTEs (though there's no path to trigger atomic zap on the mirror page table up to now), also leverage set_external_spte() op to propagate the atomic zaps when tdp_mmu_set_spte_atomic() zaps leaf SPTEs directly. (When tdp_mmu_set_spte_atomic() zaps a non-leaf SPTE, zaps of the child leaf SPTEs are propagated via the remove_external_spte() op). Note: tdp_mmu_set_spte_atomic() invokes __handle_changed_spte() to handle changes to new_spte while the mirror SPTE is frozen, so (1) the update of the external PTEs and statistics, or (2) the update of child mirror SPTEs, child external PTEs and corresponding statistics, now occur before the mirror SPTE is actually set to new_spte. (1) is ok since if it fails, the mirror SPTE will be restored to its original value. (2) is also ok since handle_removed_pt() is no-fail. Link: https://lore.kernel.org/lkml/aYYn0nf2cayYu8e7@google.com [Rick: Based on a diff by Sean Chrisopherson] Co-developed-by: Rick Edgecombe <rick.p.edgecombe@intel.com> Signed-off-by: Rick Edgecombe <rick.p.edgecombe@intel.com> [Yan: added atomic zap case ] Co-developed-by: Yan Zhao <yan.y.zhao@intel.com> Signed-off-by: Yan Zhao <yan.y.zhao@intel.com> Link: https://patch.msgid.link/20260509075634.4274-1-yan.y.zhao@intel.com Signed-off-by: Sean Christopherson <seanjc@google.com>
Diffstat (limited to 'scripts/patch-kernel')
0 files changed, 0 insertions, 0 deletions