Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp5969898rwb; Mon, 5 Dec 2022 06:28:46 -0800 (PST) X-Google-Smtp-Source: AA0mqf63AFQyW9nCFSrOSYX4QpTsYBtP6+9BDGm3UBXWa/guJwrOVokaRdLs/wFiFxOrkJq4+LN5 X-Received: by 2002:a17:906:74c6:b0:7c0:e381:a32a with SMTP id z6-20020a17090674c600b007c0e381a32amr6688684ejl.188.1670250525925; Mon, 05 Dec 2022 06:28:45 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1670250525; cv=pass; d=google.com; s=arc-20160816; b=pIf0ci4GV3m6g3ioRqYL5kWGef4iJeqmw8i7IdsKZ7RyR5+p7peOMh8C9RY7sGxGj6 BCN+jH6SHMyFXVsJ7IUlmrJ7iXaTA3bvg98Y2U3cTepatwSLz//ltTi8uv5dA1F1l5MR p/7XstN89mX7grzSQrLBXk3dHqcTPb7mvugNkFDZ8on0uyzV3JodQdb6fBYIk0oT4BuK UdHdAIkdRzmGA9iN1PdBhUqQzbL7JhMI6c2bXSKMU6/cXtSdwr8FHQoLsRXaY3NSVgOW wuujxfOUrsAkyK+nFK6Z4Sdw/TLvr0L0UxV6TJZ/Xw8PRrqa3MbhS4t7r6EF+ifoJ4Wk gJjA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :content-language:accept-language:in-reply-to:references:message-id :date:thread-index:thread-topic:subject:cc:to:from:dkim-signature; bh=yBuiaPlYgYXY2aeKy7IJCxvxwLSzTCzkfr/FwCFRduw=; b=AAScw5kaWk0yAGRmL6nnZ+ZzCjtVnSx7qe7l9AI0a4hKifV8KUGNrZi1r1VA4ldE8M SvK73LFP3KJreNXrv1lildF7YdbMBEYlUzZYMafVT7UTD45oDzs8dCYOGsoCAojUbkFZ xhbjoR5hz7GY/ZwAcWbHBk3tqcXoPquTEobagAoIcNpegpeQgcpUGYquZ4oQDM/bijJd RXV4uXawCxOPzg0CmzBRTdaLGUnfuTeqWaIpFopkA7oPdGS5ZcACDCHkd/WNJMdvTjXN bkDY9eFN3ia//f2UEckR3QFjUesCevQeVRKqStzfRvfSqtzroLRCfxaYjX0Z+q5JGaJ2 SEmw== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="O/BhD/Dd"; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id en23-20020a056402529700b00458a650f3fasi1696382edb.409.2022.12.05.06.28.26; Mon, 05 Dec 2022 06:28:45 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b="O/BhD/Dd"; arc=pass (i=1 spf=pass spfdomain=intel.com dkim=pass dkdomain=intel.com dmarc=pass fromdomain=intel.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232231AbiLEOYK (ORCPT + 81 others); Mon, 5 Dec 2022 09:24:10 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36710 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231811AbiLEOXv (ORCPT ); Mon, 5 Dec 2022 09:23:51 -0500 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 123C5E2D; Mon, 5 Dec 2022 06:23:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1670250230; x=1701786230; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=8Z406gBvc7sZkz8gujIO4/ZBX3AuF5mBNjUh8jKXsxA=; b=O/BhD/DdVN4vOoRgRQvLiKRzH7UKec5yC80w09htQYuAlP7+4JPmPuBI CBvVQo0TdVpXaUxPojdr/ZoHMwHCCOiyrs/1VGmf260Ant6Zq30CetHaQ 1IcPdywV399gHURWAVSvQIr/YUpvD6tWL52n0FHI3/5ug6Q1KFY2t23Om f+qky+3Yt4hHZU+LIU64/iUF7TO4NEUGFD8VYOjQ3RMJlkXihC2gYrdgT twfBQPZHov33LCR/v83WjgGtzOxezx5r6C8rA62Zq2K+acDIfxIp3iZ8J ZGEe0vcFHOEy/9pWSTzqQt/OeC2BapM1a7Mnkn1XR6SIvqTkbsRVPGyK6 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10552"; a="317502434" X-IronPort-AV: E=Sophos;i="5.96,219,1665471600"; d="scan'208";a="317502434" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Dec 2022 06:23:42 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10552"; a="645831281" X-IronPort-AV: E=Sophos;i="5.96,219,1665471600"; d="scan'208";a="645831281" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by orsmga002.jf.intel.com with ESMTP; 05 Dec 2022 06:23:41 -0800 Received: from fmsmsx610.amr.corp.intel.com (10.18.126.90) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16; Mon, 5 Dec 2022 06:23:41 -0800 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx610.amr.corp.intel.com (10.18.126.90) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16 via Frontend Transport; Mon, 5 Dec 2022 06:23:41 -0800 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (104.47.57.44) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.16; Mon, 5 Dec 2022 06:23:41 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cEVspl6sIkuAT0+RXSkGSKzQhbUs3auFD/baWPrKkbkTSgsVCVOzH3L06cV6suRxS9YilPW5f5f3NODWiyqrLbrxJG53KGZhS1oFvicCcNA4330PQQHWFBOuZmd7d/F1ev4G9agqiNy64c+YrCJPgbjtyFddOV6WU017TApCrj9dKuteBD22TI1/NCb+DEbkgGgoJEhkQDX3FI4jI2Bh7/Gst1C9J5P8iXvVwd6FYeeMlXcH8005fTxz8yhcdT+NxTXx45nqsxJKrWKDA1tiC/G05KP79ejp5oypD76wUmYuZ4OvRUVGfzoEqw8CEFAg3z3tHqgPpNlzN7axuCRgOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=yBuiaPlYgYXY2aeKy7IJCxvxwLSzTCzkfr/FwCFRduw=; b=AKJ8s1PtHDDFzXRh8v6T7Z6x/rC2tkLExH7oqISrN582W0RSLiZeaFb22ZNXMK5LTrEcC7Z2Ys6ttu2FNsDjl7I3DVmZuBeHCxm9I+FrDYQZsEZrBc63aKNbr4ZWtnonPdD5yNKT/Zns0HZGliUj+MeVtTMXgIkzvGutHWKAX5RsCrEvOSlebqWs8hPu57TX32nX1zpemaI+V5BE96IKGsF2ACaXGbEgSqcYTYIwnZS4G7UPLRXZaM7F1BRbVKE0zwxcwO29SuAv+j6OqJNTtbA8f6obR1/3O3PI4dxc13CZKqLwYbbkhk37hh3Ceh9D2vmu1b9T0srjVELjqz/3tw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from DS0PR11MB6373.namprd11.prod.outlook.com (2603:10b6:8:cb::20) by PH0PR11MB5904.namprd11.prod.outlook.com (2603:10b6:510:14e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.11; Mon, 5 Dec 2022 14:23:36 +0000 Received: from DS0PR11MB6373.namprd11.prod.outlook.com ([fe80::964f:ee6c:6541:ff37]) by DS0PR11MB6373.namprd11.prod.outlook.com ([fe80::964f:ee6c:6541:ff37%8]) with mapi id 15.20.5880.010; Mon, 5 Dec 2022 14:23:35 +0000 From: "Wang, Wei W" To: "Yamahata, Isaku" , "kvm@vger.kernel.org" , "linux-kernel@vger.kernel.org" CC: "Yamahata, Isaku" , "isaku.yamahata@gmail.com" , Paolo Bonzini , "Aktas, Erdem" , "Christopherson,, Sean" , "Shahar, Sagi" , David Matlack Subject: RE: [PATCH v10 052/108] KVM: x86/tdp_mmu: Ignore unsupported mmu operation on private GFNs Thread-Topic: [PATCH v10 052/108] KVM: x86/tdp_mmu: Ignore unsupported mmu operation on private GFNs Thread-Index: AQHY7CiJasKThqRaDEOPq0Yx+uNQTK5exgOw Date: Mon, 5 Dec 2022 14:23:35 +0000 Message-ID: References: <32e2f5f567e1af3858e2896d705b66f90a908ff0.1667110240.git.isaku.yamahata@intel.com> In-Reply-To: <32e2f5f567e1af3858e2896d705b66f90a908ff0.1667110240.git.isaku.yamahata@intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: DS0PR11MB6373:EE_|PH0PR11MB5904:EE_ x-ms-office365-filtering-correlation-id: 42bae555-0074-485d-8597-08dad6cc4b70 x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: GwwNfvYbXvJmSqMqsz+JIpDC7x3kVol6HskbEF3sq+7DopzCJgnY2AZ3o+f4lr1opV4g4FRvCHpYM0aYFhsaXyBImynI7vXKjfGOnRV+58qxXOt/Mb57RgWwuD1NgYxC/ytcNAnu0rRJUsAouORcHx6UFt25D+oa6Xzvt5sM+AhEbCQIdqrCR4CaqWNBSXX4pxbFCo3DEDEXvbmKrrKetxy5FbRyxwRt7PMy8L3RFnFRvobXdjwPQTfduAeWMHaLZXLOB5hmYoJuk2RSv4RI6pl3nxL9suK6sAnzSzvUOLDaQmdm+kl7ELxH6mqTfKCpQjvfUZy+GhfEJsIag7dzrHp3/yjnpck4wYt4LAEjnn0k/VZsclBN6Aiy2O8YXdjt/6CFHbBqRp7iJuoe20ZJ6cKhIQidVt8SWLY6jH+A1c5VQx+9f/dgVStLErKKQAScr6XW19UTAhsfS387ZC3mOD96/gfO018rFVl6OSrLJnDrHcy89iHwgFeib6FVyg/qPwA16GsuKWwQjf5WG7xy59zk7M36uRGjng6dO0ATyTB7JzJ1GY9yYYGcENzySpYffawy9JkGaba2fZTK3HaM+hXBAtYNPr7VpyhLOz9ruALsqaC2z0VmOVndB8vlsZ7q76JL+9ETXiA8Rjg3j0DOSPy6ms+8RA+53MdQ351dLpH/Dhd+bOeAgXg+X6186BpzaB/3Qpo6910KxEcZFRwaQQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS0PR11MB6373.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(376002)(366004)(346002)(39860400002)(136003)(396003)(451199015)(71200400001)(316002)(83380400001)(186003)(26005)(54906003)(9686003)(53546011)(110136005)(6506007)(7696005)(86362001)(2906002)(55016003)(33656002)(66556008)(122000001)(8676002)(66476007)(64756008)(38100700002)(4326008)(66946007)(76116006)(66446008)(82960400001)(478600001)(38070700005)(52536014)(5660300002)(8936002)(41300700001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?o8rvTcC2SA8ERJTUlGs7/WdWcLJ33zqPmogYE+ONaa1jgVYGtQNo9azxrlV3?= =?us-ascii?Q?9qXbMCJdEVA4XlvKQ9Nz8IdxUzUMuMcgbe6Oy05laaAzxTSZCGfy+CtvcgU6?= =?us-ascii?Q?gEi5n8Efn6it/V1X6Vss6Lkxp/0GYxgx0/kukUmA1y17fDdbdjaak991140G?= =?us-ascii?Q?MN5NerIrdYzataCFQZVSRJgMPqs0L4YlIr1Szs/od4Fa1VmcBJnkik/T76sH?= =?us-ascii?Q?J0VB35aJf4XNxkg/n6qVOMmuubXwj4UOwe7LK1OYPeNphq5XwdfnT/SjTtV7?= =?us-ascii?Q?5O7VqQCm4KT+53q+XrBqnmi4zS5k6tOR+PRysqRCHUvrDIexxhdnS7xII5lc?= =?us-ascii?Q?hG8iu5D5ccRV+sZ0p/l3MDPdK+RUhZVpKhO5dRUvuKql28EnP7APMOYywgXH?= =?us-ascii?Q?zdcvjP0mlNZezvjjur4eHd55lcG/I/fgotTs2tf39URja2vbRj1yFCgb13Ry?= =?us-ascii?Q?JkyPi/GKGhtkNL/XPiKmeynM6/TSTtBgRjHIGuhrZbskmIAyJKSe0oFXQvt5?= =?us-ascii?Q?TtkzCK+DHMJ5hA7VSjgpBb7c91A/2903MD42RXF+QdIHbyA2Lv5aVMv7KAma?= =?us-ascii?Q?S8uOlOsMxq7tS0l7EPbJ9PyjcfuOB1t8cIOMmgJ60iyrLL7VALej9kyhb45F?= =?us-ascii?Q?ovnBwoVhwHBQC9kCFXIzCwKu3jVHsrQwU+8TtI7FJHjNLhFUKtLcZ6YcKF88?= =?us-ascii?Q?5TRLChJdeCcs6DhUgGEKxifW23QNlgk6DdBESTrW84O7cLPizMSwiUTxtk3G?= =?us-ascii?Q?9ZlUTL3K912WucbZ5Upe6OUaUIWaXzMouUNJHdFmoh2mWep8yWV0ou2zJ87X?= =?us-ascii?Q?HLHqNHk9AXaNAoRJG6ElPWHQ0knowD5IxhBOZ+/hLtn6iXERNCMIAUIA9I1J?= =?us-ascii?Q?I1j1m9Ucp1ajj44qfZg/HZjJ6uptznL8bj/1ulXDqimRWwPXfEe0ywCRdhIC?= =?us-ascii?Q?Mxcd6GUdpUAMKj91OvcmgeyVo07mP/wwlRBIYDK0lhCnbyYwWYeLtQVqiq9+?= =?us-ascii?Q?CceT8VFiktFMUqRMDuBWKCRh3NSuVH/xRiLG3RZ9U9E1KIXf0uLyiUAyXl/C?= =?us-ascii?Q?iGbyVJ0nxk0akJJbbeOBBKfrEVQdhNixDtBZapThRUjXTnUblnizkQjtM+tk?= =?us-ascii?Q?Qkc1USxT4Zqi8WTnhtT0ZtMUxX9uDLcg/v6Z+ZRwaxpTJYIoT6lcRrwOol1O?= =?us-ascii?Q?Br3qKEyZ8d8MWdKKCl9451OO+2LPv3El4yuOT6WbkPO7b8NjDxvW6Vz/S5wP?= =?us-ascii?Q?GaEGwQCpt8uJg8y/iceIq1hLVb9cl/qMUJ+LmGlp3fgui1lzExac7rODl8H8?= =?us-ascii?Q?Kb1TyI/zu7ttYvGdqUKM8fkM0pzQkz80KQxj2hhWeZ5A4TMJ/rX7rbARf4xe?= =?us-ascii?Q?+HVfoxMExIGAWZNnzO0s4PVBdeZlq9KzVi70Oc7SzST4OBURCxIqsfkaxByz?= =?us-ascii?Q?iPHo/7mXgn36I219wc8qS1BHBFID/XXWHFapom08KHf3xravdU60y9dhJrHV?= =?us-ascii?Q?zRoFKPyR+psZ5woMwH0ZhPNq8IKlZmph3d8GM0C8HxZF7/JtoLJtK5eSisoP?= =?us-ascii?Q?tEiB+ADKgzIA0z9TLxKjrVz05KpOq0YZ2Pk2/OLx?= Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DS0PR11MB6373.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 42bae555-0074-485d-8597-08dad6cc4b70 X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Dec 2022 14:23:35.3371 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: koUY+/asPDSWMjj888zMdT4ePOzadVS7ldlv+ep5oToaWnLJbv5XCJiANOmB7jIodubntonaPCRnMIGKHt68lw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5904 X-OriginatorOrg: intel.com X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sunday, October 30, 2022 2:23 PM, Yamahata, Isaku wrote: > From: Isaku Yamahata >=20 > Some KVM MMU operations (dirty page logging, page migration, aging page) > aren't supported for private GFNs (yet) with the first generation of TDX. > Silently return on unsupported TDX KVM MMU operations. >=20 > Signed-off-by: Isaku Yamahata > --- > arch/x86/kvm/mmu/mmu.c | 3 ++ > arch/x86/kvm/mmu/tdp_mmu.c | 73 > +++++++++++++++++++++++++++++++++++--- > arch/x86/kvm/x86.c | 3 ++ > 3 files changed, 74 insertions(+), 5 deletions(-) >=20 > diff --git a/arch/x86/kvm/mmu/mmu.c b/arch/x86/kvm/mmu/mmu.c index > 02e7b5cf3231..efc3b3f2dd12 100644 > --- a/arch/x86/kvm/mmu/mmu.c > +++ b/arch/x86/kvm/mmu/mmu.c > @@ -6588,6 +6588,9 @@ static bool kvm_mmu_zap_collapsible_spte(struct > kvm *kvm, > for_each_rmap_spte(rmap_head, &iter, sptep) { > sp =3D sptep_to_sp(sptep); >=20 > + /* Private page dirty logging is not supported yet. */ > + KVM_BUG_ON(is_private_sptep(sptep), kvm); > + > /* > * We cannot do huge page mapping for indirect shadow pages, > * which are found on the last rmap (level =3D 1) when not using diff = --git > a/arch/x86/kvm/mmu/tdp_mmu.c b/arch/x86/kvm/mmu/tdp_mmu.c index > 0e053b96444a..4b207ce83ffe 100644 > --- a/arch/x86/kvm/mmu/tdp_mmu.c > +++ b/arch/x86/kvm/mmu/tdp_mmu.c > @@ -1469,7 +1469,8 @@ typedef bool (*tdp_handler_t)(struct kvm *kvm, > struct tdp_iter *iter, >=20 > static __always_inline bool kvm_tdp_mmu_handle_gfn(struct kvm *kvm, > struct kvm_gfn_range *range, > - tdp_handler_t handler) > + tdp_handler_t handler, > + bool only_shared) > { > struct kvm_mmu_page *root; > struct tdp_iter iter; > @@ -1480,9 +1481,23 @@ static __always_inline bool > kvm_tdp_mmu_handle_gfn(struct kvm *kvm, > * into this helper allow blocking; it'd be dead, wasteful code. > */ > for_each_tdp_mmu_root(kvm, root, range->slot->as_id) { > + gfn_t start; > + gfn_t end; > + > + if (only_shared && is_private_sp(root)) > + continue; > + > rcu_read_lock(); >=20 > - tdp_root_for_each_leaf_pte(iter, root, range->start, range->end) > + /* > + * For TDX shared mapping, set GFN shared bit to the range, > + * so the handler() doesn't need to set it, to avoid duplicated > + * code in multiple handler()s. > + */ > + start =3D kvm_gfn_for_root(kvm, root, range->start); > + end =3D kvm_gfn_for_root(kvm, root, range->end); > + > + tdp_root_for_each_leaf_pte(iter, root, start, end) > ret |=3D handler(kvm, &iter, range); >=20 > rcu_read_unlock(); > @@ -1526,7 +1541,12 @@ static bool age_gfn_range(struct kvm *kvm, struct > tdp_iter *iter, >=20 > bool kvm_tdp_mmu_age_gfn_range(struct kvm *kvm, struct kvm_gfn_range > *range) { > - return kvm_tdp_mmu_handle_gfn(kvm, range, age_gfn_range); > + /* > + * First TDX generation doesn't support clearing A bit for private > + * mapping, since there's no secure EPT API to support it. However > + * it's a legitimate request for TDX guest. > + */ > + return kvm_tdp_mmu_handle_gfn(kvm, range, age_gfn_range, true); > } >=20 > static bool test_age_gfn(struct kvm *kvm, struct tdp_iter *iter, @@ -153= 7,7 > +1557,8 @@ static bool test_age_gfn(struct kvm *kvm, struct tdp_iter *ite= r, >=20 > bool kvm_tdp_mmu_test_age_gfn(struct kvm *kvm, struct kvm_gfn_range > *range) { > - return kvm_tdp_mmu_handle_gfn(kvm, range, test_age_gfn); > + /* The first TDX generation doesn't support A bit. */ > + return kvm_tdp_mmu_handle_gfn(kvm, range, test_age_gfn, true); > } >=20 > static bool set_spte_gfn(struct kvm *kvm, struct tdp_iter *iter, @@ -158= 2,8 > +1603,11 @@ bool kvm_tdp_mmu_set_spte_gfn(struct kvm *kvm, struct > kvm_gfn_range *range) > * No need to handle the remote TLB flush under RCU protection, the > * target SPTE _must_ be a leaf SPTE, i.e. cannot result in freeing a > * shadow page. See the WARN on pfn_changed in > __handle_changed_spte(). > + * > + * .change_pte() callback should not happen for private page, because > + * for now TDX private pages are pinned during VM's life time. > */ > - return kvm_tdp_mmu_handle_gfn(kvm, range, set_spte_gfn); > + return kvm_tdp_mmu_handle_gfn(kvm, range, set_spte_gfn, true); > } >=20 > /* > @@ -1637,6 +1661,14 @@ bool kvm_tdp_mmu_wrprot_slot(struct kvm *kvm, >=20 > lockdep_assert_held_read(&kvm->mmu_lock); >=20 > + /* > + * Because first TDX generation doesn't support write protecting privat= e > + * mappings and kvm_arch_dirty_log_supported(kvm) =3D false, it's a bug > + * to reach here for guest TD. > + */ > + if (WARN_ON_ONCE(!kvm_arch_dirty_log_supported(kvm))) > + return false; > + > for_each_valid_tdp_mmu_root_yield_safe(kvm, root, slot->as_id, true) > spte_set |=3D wrprot_gfn_range(kvm, root, slot->base_gfn, > slot->base_gfn + slot->npages, min_level); @@ -1902,6 > +1934,14 @@ bool kvm_tdp_mmu_clear_dirty_slot(struct kvm *kvm, >=20 > lockdep_assert_held_read(&kvm->mmu_lock); >=20 > + /* > + * First TDX generation doesn't support clearing dirty bit, > + * since there's no secure EPT API to support it. It is a > + * bug to reach here for TDX guest. > + */ > + if (WARN_ON_ONCE(!kvm_arch_dirty_log_supported(kvm))) > + return false; > + It might not be a good choice to intercept everywhere in kvm_mmu just as td= x doesn't support it. I'm thinking maybe we could do the check in tdx.c, whic= h is much simpler. For example: @@ -2592,6 +2605,12 @@ static void tdx_handle_changed_private_spte(struct k= vm *kvm, lockdep_assert_held(&kvm->mmu_lock); if (change->new.is_present) { + /* Only flags change. This isn't supported currently. */ + KVM_BUG_ON(change->old.is_present, kvm); Then we can have kvm_arch_dirty_log_supported completely removed.