From nobody Mon Feb 9 13:01:20 2026 Received: from mail-pf1-f202.google.com (mail-pf1-f202.google.com [209.85.210.202]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D308F34DB6C for ; Thu, 29 Jan 2026 01:16:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.202 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769649381; cv=none; b=e1FOf326EJkVYFY/UyG9KgNaMuAqtM04tTGAFqv/8R90CEU1qa7O0RHIQb12P/EZzMQmqFrvuEopXLZWJUhN9NDAEY4bIj12U1M0ZTZMIN2b3wqu9iZIJc3F/5e7ATZQbkL/Cn5eb53agQVxJdkoPeG/XT7x3ScDnT5v5lONRVk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1769649381; c=relaxed/simple; bh=PfMNr2r+VH5JLxrfxOQQF4dS/m+8iJ8wfmAB6pwfKRU=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=pNQAhIjd/Q6DWKOVBjLEbTva9Pk/UtISls60A3IcDLkorW7H26f3xz/n0Myj1U0dr+k8GXP0O09/PBDJWCkmMqLXlbYMY50nFU7hSayPvC7dSqAzekwTUoxE1eNPhlRhVr103kNzwN5PpBHZHPwwB3JQrfGsYOQBjQ0qh6i1vU0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=dwf9Hbf1; arc=none smtp.client-ip=209.85.210.202 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="dwf9Hbf1" Received: by mail-pf1-f202.google.com with SMTP id d2e1a72fcca58-81f8c209cfbso212621b3a.2 for ; Wed, 28 Jan 2026 17:16:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1769649379; x=1770254179; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=IDz9ZOJlCXDAbAOz3SQRUqJo6I1Od4zF7irdWu0ijNQ=; b=dwf9Hbf17Re3HIZIyQ5QcO8evvYep6A1m2y+gteFjK7Phfun1Pl+I1+YgIPct2drpQ qQm07NUrMJquy1Yc6J6R7bUAGMFkUvAtN0dyf2vOkol1QVBBwFXLG/B/TzKXqCXZdHU6 NFs+/0fKDM3UCUUCWVR7YaW1s+CeiqsctS5LQTQUFhvkE1Rm1BgXkBVUEbwQP6lzL2uT q+B4rsMFES//gUMYlo1XnkhpBvmNiPyKKfQrB2awZN7yLzzwuvx4GT96WeRxOURt1vA+ awrSWdR/cOxa8n7PxJRXVR0J+PRzKbKd0zx3+R4gBjqEwUcgE1vmVh66+bxEjkVz/RpE QfJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1769649379; x=1770254179; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=IDz9ZOJlCXDAbAOz3SQRUqJo6I1Od4zF7irdWu0ijNQ=; b=E0UA1I/SWhxomYdxhlVo9IRESAlGBgDSimgfVhiQJWuolFA5KsDolujFV3YPsuS0M8 SworRqGkP30Vkh1pz7/yJ67Pij8bA43Gvjk4IxH+VOng2dd8Wv0yOlx21v/eGDzH7POW Vp2es8sWSSwD62jiGdcBCwUq+GZjfrYywaAnt0b3tJ0AhaMS7eTX5G9S/0ZMucJ5a7rN 0xbEPHJQackoe5+dS/jKt7FUNGYSfGnb5zCwEaQU5oVp5IqSdXmIOKQjfSbLHhLRcwCX wspO8CSFp+/59ni3XiAOKjWWynX9JmuWvKebqA9jC0Zg5Qnyd0QSFfPnyrb2EpieBbPj gPhQ== X-Gm-Message-State: AOJu0YxacQHz6HS5beH6v+pRRm+VAbuLUORE5rphDrGwq0egMsjfq00e leiJk02qoiRbCChbJayOKP8yX1spQSXq+bbI37fy2UDw/JyEWfJVBUv+irA4YS2qhLI/CJT4vwe VaZ2Jcg== X-Received: from pfbli11.prod.google.com ([2002:a05:6a00:718b:b0:7dd:8bba:63aa]) (user=seanjc job=prod-delivery.src-stubby-dispatcher) by 2002:a05:6a00:1a17:b0:823:1276:9a86 with SMTP id d2e1a72fcca58-8236929d5fbmr5606152b3a.39.1769649379248; Wed, 28 Jan 2026 17:16:19 -0800 (PST) Reply-To: Sean Christopherson Date: Wed, 28 Jan 2026 17:14:59 -0800 In-Reply-To: <20260129011517.3545883-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20260129011517.3545883-1-seanjc@google.com> X-Mailer: git-send-email 2.53.0.rc1.217.geba53bf80e-goog Message-ID: <20260129011517.3545883-28-seanjc@google.com> Subject: [RFC PATCH v5 27/45] x86/virt/tdx: Enhance tdh_phymem_page_wbinvd_hkid() to invalidate huge pages From: Sean Christopherson To: Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, Kiryl Shutsemau , Sean Christopherson , Paolo Bonzini Cc: linux-kernel@vger.kernel.org, linux-coco@lists.linux.dev, kvm@vger.kernel.org, Kai Huang , Rick Edgecombe , Yan Zhao , Vishal Annapurve , Ackerley Tng , Sagi Shahar , Binbin Wu , Xiaoyao Li , Isaku Yamahata Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Yan Zhao After removing a TD's private page, the TDX module does not write back and invalidate cache lines associated with the page and its keyID (i.e., the TD's guest keyID). The SEAMCALL wrapper tdh_phymem_page_wbinvd_hkid() enables the caller to provide the TD's guest keyID and physical memory address to invoke the SEAMCALL TDH_PHYMEM_PAGE_WBINVD to perform cache line invalidation. Enhance the SEAMCALL wrapper tdh_phymem_page_wbinvd_hkid() to support cache line invalidation for huge pages by introducing the parameters "folio", "start_idx", and "npages". These parameters specify the physical memory starting from the page at "start_idx" within a "folio" and spanning "npages" contiguous PFNs. Return TDX_OPERAND_INVALID if the specified memory is not entirely contained within a single folio. Signed-off-by: Xiaoyao Li Signed-off-by: Isaku Yamahata Suggested-by: Rick Edgecombe Signed-off-by: Yan Zhao Signed-off-by: Sean Christopherson --- arch/x86/include/asm/tdx.h | 2 +- arch/x86/kvm/vmx/tdx.c | 2 +- arch/x86/virt/vmx/tdx/tdx.c | 16 ++++++++++++---- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 1f57f7721286..8ceaebc6c1a9 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -237,7 +237,7 @@ u64 tdh_mem_track(struct tdx_td *tdr); u64 tdh_mem_page_remove(struct tdx_td *td, u64 gpa, enum pg_level level, u= 64 *ext_err1, u64 *ext_err2); u64 tdh_phymem_cache_wb(bool resume); u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td); -u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, u64 pfn); +u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, u64 pfn, enum pg_level level); #else static inline void tdx_init(void) { } static inline int tdx_cpu_enable(void) { return -ENODEV; } diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 4ac312376ac9..90133e8f5c53 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1867,7 +1867,7 @@ static void tdx_sept_remove_private_spte(struct kvm *= kvm, gfn_t gfn, if (TDX_BUG_ON_2(err, TDH_MEM_PAGE_REMOVE, entry, level_state, kvm)) return; =20 - err =3D tdh_phymem_page_wbinvd_hkid((u16)kvm_tdx->hkid, pfn); + err =3D tdh_phymem_page_wbinvd_hkid((u16)kvm_tdx->hkid, pfn, level); if (TDX_BUG_ON(err, TDH_PHYMEM_PAGE_WBINVD, kvm)) return; =20 diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index 37776ea56eb7..367df9366d57 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -2071,13 +2071,21 @@ u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td) } EXPORT_SYMBOL_FOR_KVM(tdh_phymem_page_wbinvd_tdr); =20 -u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, u64 pfn) +u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, u64 pfn, enum pg_level level) { - struct tdx_module_args args =3D {}; + unsigned long npages =3D page_level_size(level) / PAGE_SIZE; + u64 err; =20 - args.rcx =3D mk_keyed_paddr(hkid, pfn); + for (unsigned long i =3D 0; i < npages; i++) { + struct tdx_module_args args =3D { + .rcx =3D mk_keyed_paddr(hkid, pfn + i), + }; =20 - return seamcall(TDH_PHYMEM_PAGE_WBINVD, &args); + err =3D seamcall(TDH_PHYMEM_PAGE_WBINVD, &args); + if (err) + break; + } + return err; } EXPORT_SYMBOL_FOR_KVM(tdh_phymem_page_wbinvd_hkid); =20 --=20 2.53.0.rc1.217.geba53bf80e-goog