On 10/17/2025 8:32 AM, Sean Christopherson wrote:
Fold tdx_mem_page_record_premap_cnt() into tdx_sept_set_private_spte() as
providing a one-off helper for effectively three lines of code is at best a
wash, and splitting the code makes the comment for smp_rmb() _extremely_
confusing as the comment talks about reading kvm->arch.pre_fault_allowed
before kvm_tdx->state, but the immediately visible code does the exact
opposite.
Opportunistically rewrite the comments to more explicitly explain who is
checking what, as well as _why_ the ordering matters.
No functional change intended.
Reviewed-by: Rick Edgecombe <[email protected]>
Signed-off-by: Sean Christopherson <[email protected]>
Reviewed-by: Binbin Wu <[email protected]>
One nit below.
[...]
+ /*
+ * If the TD isn't finalized/runnable, then userspace is initializing
+ * the VM image via KVM_TDX_INIT_MEM_REGION. Increment the number of
+ * pages that need to be mapped and initialized via TDH.MEM.PAGE.ADD.
+ * KVM_TDX_FINALIZE_VM checks the counter to ensure all mapped pages
^
Nit: Is pre-mapped better?
+ * have been added to the image, to prevent running the TD with a
+ * valid mapping in the mirror EPT, but not in the S-EPT.
+ */
+ if (unlikely(kvm_tdx->state != TD_STATE_RUNNABLE)) {
+ if (KVM_BUG_ON(kvm->arch.pre_fault_allowed, kvm))
+ return -EIO;
+
+ atomic64_inc(&kvm_tdx->nr_premapped);
+ return 0;
+ }
+
+ return tdx_mem_page_aug(kvm, gfn, level, pfn);
}
static int tdx_sept_link_private_spt(struct kvm *kvm, gfn_t gfn,
