From nobody Fri Jun 12 00:08:36 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0FE371A9FA0; Thu, 30 Apr 2026 02:29:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.13 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516165; cv=none; b=sjNDYpt90eNY7BmVFKxI2dgo+aBVkwoim4v9RiAjbM+fde1A5tSB6S7SWZkEcUs38/Np18jfwiu0JhjQaAFbr3IteLNYwZv94T13A2z/I0TSSftK6isizPNShQ6CqatCJlZ3Gh1r6WCneOiLfvIbKIOMDjkBAo/OIS76Qr+1z44= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516165; c=relaxed/simple; bh=arRq54L4GiWQawZ+vUAa80USXaJi3Ci9hnWU16ndG+s=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=gu+kFQ4EFwBJ7wYctmQPacjJaHx5Kr5vYaeqmgRcEDDx8BTfiwQyziYJBY5nfJdqT+baccdbuzIcls/Y4vT2YY+bl7fHP4viP8gsBNzKVieoIsJlvBYGLTASuDERrDRlQMuyxbh96cololcdNM3BJzD6iFQYAGW5DZkIixymujo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=EaOdqiwn; arc=none smtp.client-ip=198.175.65.13 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="EaOdqiwn" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1777516163; x=1809052163; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=arRq54L4GiWQawZ+vUAa80USXaJi3Ci9hnWU16ndG+s=; b=EaOdqiwnvl5uA3Ia6wYecgcSy/AnLp0ItH+NbwH9Z6GP3l3XAdJIem6k lAyy9kvQO6bBFYHMsX/soJqdLuYut5cLW5hnc45Hf1w2kFKiPzPDpEEPN XxQcpMsNRJMbDJOxHvt6IcYdmVwtbPW5OsPkCc7dDFIxFmlWAu3Q9442m xiSPOhrp4mCAD5jRWeGnbwG91qbMADssbHxBYVGa6xcA+tR3hXn2XNBUq ewCjkpoQHN/m5wrss5GJHwENqNukFVr0fhY6WRpK6ihlq0BgXAXcmkWxV JS1dsLBC/Vgm9j9uQD6hUEYMTS3ZMxl235YiHKCiZrcj0Nj58uA2UKvnQ w==; X-CSE-ConnectionGUID: RsoIsTLeT4yF3SxO+Fb55w== X-CSE-MsgGUID: jcFIIwKYRj2sNIFckY5eNg== X-IronPort-AV: E=McAfee;i="6800,10657,11771"; a="89552042" X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="89552042" Received: from fmviesa005.fm.intel.com ([10.60.135.145]) by orvoesa105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:29:23 -0700 X-CSE-ConnectionGUID: Z/h8TnxLT8Ora/bFPDmxAw== X-CSE-MsgGUID: H2Xs7x1HSfiP1ujpqwTdog== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="239431413" Received: from yzhao56-desk.sh.intel.com ([10.239.47.19]) by fmviesa005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:29:18 -0700 From: Yan Zhao To: dave.hansen@linux.intel.com, pbonzini@redhat.com, seanjc@google.com Cc: tglx@kernel.org, mingo@redhat.com, bp@alien8.de, kas@kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-coco@lists.linux.dev, kai.huang@intel.com, rick.p.edgecombe@intel.com, yan.y.zhao@intel.com, yilun.xu@linux.intel.com, vannapurve@google.com, ackerleytng@google.com, sagis@google.com, binbin.wu@linux.intel.com, xiaoyao.li@intel.com, isaku.yamahata@intel.com Subject: [PATCH v2 1/4] x86/tdx: Use PFN directly for mapping guest private memory Date: Thu, 30 Apr 2026 09:49:29 +0800 Message-ID: <20260430014929.24210-1-yan.y.zhao@intel.com> X-Mailer: git-send-email 2.43.2 In-Reply-To: <20260430014852.24183-1-yan.y.zhao@intel.com> References: <20260430014852.24183-1-yan.y.zhao@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Remove struct page assumptions/constraints in the SEAMCALL wrapper APIs for mapping guest private memory and have them take PFN directly. Having core TDX make assumptions that guest private memory must be backed by struct page (and/or folio) will create subtle dependencies on how KVM/guest_memfd allocates/manages memory (e.g., whether it uses memory allocated from core MM, if the memory is refcounted, or if the folio is split) that are easily avoided. [1]. KVM's MMUs work with PFNs. This is very much an intentional design choice. It ensures that the KVM MMUs remain flexible and are not too tied to the regular CPU MMUs and the kernel code around them. Using 'struct page' for TDX guest memory is not a good fit anywhere near the KVM MMU code [2]. Use "kvm_pfn_t pfn" for type safety. Using this KVM type is appropriate since APIs tdh_mem_page_add() and tdh_mem_page_aug() are exported to KVM only. [ Yan: Replace "u64 pfn" with "kvm_pfn_t pfn" ] Signed-off-by: Sean Christopherson Signed-off-by: Yan Zhao Link: https://lore.kernel.org/all/aWgyhmTJphGQqO0Y@google.com [1] Link: https://lore.kernel.org/all/ac7V0g2q2hN3dU5u@google.com [2] Acked-by: Dave Hansen Acked-by: Kiryl Shutsemau Reviewed-by: Ackerley Tng Reviewed-by: Xiaoyao Li --- arch/x86/include/asm/tdx.h | 6 ++++-- arch/x86/kvm/vmx/tdx.c | 7 +++---- arch/x86/virt/vmx/tdx/tdx.c | 19 ++++++++++++------- 3 files changed, 19 insertions(+), 13 deletions(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 0cb77ed4adc5..619aed134c83 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -6,6 +6,7 @@ #include #include #include +#include =20 #include #include @@ -189,11 +190,12 @@ static inline u64 mk_keyed_paddr(u16 hkid, struct pag= e *page) =20 u64 tdh_vp_enter(struct tdx_vp *vp, struct tdx_module_args *args); u64 tdh_mng_addcx(struct tdx_td *td, struct page *tdcs_page); -u64 tdh_mem_page_add(struct tdx_td *td, u64 gpa, struct page *page, struct= page *source, u64 *ext_err1, u64 *ext_err2); +u64 tdh_mem_page_add(struct tdx_td *td, u64 gpa, kvm_pfn_t pfn, struct pag= e *source, + u64 *ext_err1, u64 *ext_err2); u64 tdh_mem_sept_add(struct tdx_td *td, u64 gpa, enum pg_level level, stru= ct page *page, u64 *ext_err1, u64 *ext_err2); u64 tdh_vp_addcx(struct tdx_vp *vp, struct page *tdcx_page); -u64 tdh_mem_page_aug(struct tdx_td *td, u64 gpa, enum pg_level level, stru= ct page *page, +u64 tdh_mem_page_aug(struct tdx_td *td, u64 gpa, enum pg_level level, kvm_= pfn_t pfn, u64 *ext_err1, u64 *ext_err2); u64 tdh_mem_range_block(struct tdx_td *td, u64 gpa, enum pg_level level, u= 64 *ext_err1, u64 *ext_err2); diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 77aea8920a4a..9b47dd257ff4 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1624,8 +1624,8 @@ static int tdx_mem_page_add(struct kvm *kvm, gfn_t gf= n, enum pg_level level, KVM_BUG_ON(!kvm_tdx->page_add_src, kvm)) return -EIO; =20 - err =3D tdh_mem_page_add(&kvm_tdx->td, gpa, pfn_to_page(pfn), - kvm_tdx->page_add_src, &entry, &level_state); + err =3D tdh_mem_page_add(&kvm_tdx->td, gpa, pfn, kvm_tdx->page_add_src, + &entry, &level_state); if (unlikely(tdx_operand_busy(err))) return -EBUSY; =20 @@ -1639,12 +1639,11 @@ static int tdx_mem_page_aug(struct kvm *kvm, gfn_t = gfn, enum pg_level level, kvm_pfn_t pfn) { struct kvm_tdx *kvm_tdx =3D to_kvm_tdx(kvm); - struct page *page =3D pfn_to_page(pfn); gpa_t gpa =3D gfn_to_gpa(gfn); u64 entry, level_state; u64 err; =20 - err =3D tdh_mem_page_aug(&kvm_tdx->td, gpa, level, page, &entry, &level_s= tate); + err =3D tdh_mem_page_aug(&kvm_tdx->td, gpa, level, pfn, &entry, &level_st= ate); if (unlikely(tdx_operand_busy(err))) return -EBUSY; =20 diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index a6e77afafa79..b24b81cea5ea 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -30,7 +30,6 @@ #include #include #include -#include #include #include #include @@ -1568,6 +1567,11 @@ static void tdx_clflush_page(struct page *page) clflush_cache_range(page_to_virt(page), PAGE_SIZE); } =20 +static void tdx_clflush_pfn(kvm_pfn_t pfn) +{ + clflush_cache_range(__va(PFN_PHYS(pfn)), PAGE_SIZE); +} + static int pg_level_to_tdx_sept_level(enum pg_level level) { WARN_ON_ONCE(level =3D=3D PG_LEVEL_NONE); @@ -1594,17 +1598,18 @@ u64 tdh_mng_addcx(struct tdx_td *td, struct page *t= dcs_page) } EXPORT_SYMBOL_FOR_KVM(tdh_mng_addcx); =20 -u64 tdh_mem_page_add(struct tdx_td *td, u64 gpa, struct page *page, struct= page *source, u64 *ext_err1, u64 *ext_err2) +u64 tdh_mem_page_add(struct tdx_td *td, u64 gpa, kvm_pfn_t pfn, struct pag= e *source, + u64 *ext_err1, u64 *ext_err2) { struct tdx_module_args args =3D { .rcx =3D gpa, .rdx =3D tdx_tdr_pa(td), - .r8 =3D page_to_phys(page), + .r8 =3D PFN_PHYS(pfn), .r9 =3D page_to_phys(source), }; u64 ret; =20 - tdx_clflush_page(page); + tdx_clflush_pfn(pfn); ret =3D seamcall_ret(TDH_MEM_PAGE_ADD, &args); =20 *ext_err1 =3D args.rcx; @@ -1647,16 +1652,16 @@ u64 tdh_vp_addcx(struct tdx_vp *vp, struct page *td= cx_page) EXPORT_SYMBOL_FOR_KVM(tdh_vp_addcx); =20 u64 tdh_mem_page_aug(struct tdx_td *td, u64 gpa, enum pg_level level, - struct page *page, u64 *ext_err1, u64 *ext_err2) + kvm_pfn_t pfn, u64 *ext_err1, u64 *ext_err2) { struct tdx_module_args args =3D { .rcx =3D gpa | pg_level_to_tdx_sept_level(level), .rdx =3D tdx_tdr_pa(td), - .r8 =3D page_to_phys(page), + .r8 =3D PFN_PHYS(pfn), }; u64 ret; =20 - tdx_clflush_page(page); + tdx_clflush_pfn(pfn); ret =3D seamcall_ret(TDH_MEM_PAGE_AUG, &args); =20 *ext_err1 =3D args.rcx; --=20 2.43.2 From nobody Fri Jun 12 00:08:36 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1C6FA2773D8; Thu, 30 Apr 2026 02:29:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.13 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516181; cv=none; b=dR8e/UswUIlQSiJFuMIydqGCFqOu1owmdBjOXpaj0jhBjlqdYU48o/CaAqv+7qKRt2nHf3W0uwxgKbQjsSrBUPMJ4MtndcEL1rf3udtQQjU2pYbGKTIHwnJWQRZH6yVcIWIGzzpL69t6qcm6qkfJA1xrMsTQYqTFsDxYCVULlTY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516181; c=relaxed/simple; bh=bbWfa8ktIyR8AVNieMMnOtTrtLvrmA0X60Lp4CwNcu8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=IUqSxJNSl8ZI5w3iK9RhGHF+jCeTN89JO5DaHVtKQNM7dA+rCE1Mqlxpmk0oYj6aozdBcseYwD9Om9T65w6Y1QhP34YzmeYrUOUGJ7Bv3cJO6B3gGlDttRpw7ahIYHTS8jkv7cXzcqx3tqnK35ubgNF8xvDKANJFFW98ZJsT3cs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=mNyYAj9W; arc=none smtp.client-ip=198.175.65.13 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="mNyYAj9W" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1777516180; x=1809052180; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=bbWfa8ktIyR8AVNieMMnOtTrtLvrmA0X60Lp4CwNcu8=; b=mNyYAj9Wwo+bMe7NWKzwRUeTEsmojNbvKLf4dUMHKRU8/uvDWEs4Knb+ mJUKOdppeedz9oQ/84YH0Jszy14RcXwQx2ZhtqhhoHnKaNhW3bqXpToA4 +9n+yRikSuD6vHLGYor2S6PtaEyWfHoErORZcy7uEN6/itqhhfZvVBZFr birNB8USAo0/awsPV0jCQSIj1H7ZK4Vg6+/NUY7ebCFSXoIsoxGOmNEcJ JK5KSNsis21RJbbTmeFkYRi37PC+pMphUG5/tHrXQi4fnUZgO8ui/s6Fy I2JEcqajrznkv3UhGlFU+BFfdetu06FtXpBUdipMabFLC64Htx4KS4d1y A==; X-CSE-ConnectionGUID: LgrNEnLaRtybtxTJx48OYQ== X-CSE-MsgGUID: MlQMNuVyToefC5xM8snKzg== X-IronPort-AV: E=McAfee;i="6800,10657,11771"; a="89552058" X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="89552058" Received: from fmviesa005.fm.intel.com ([10.60.135.145]) by orvoesa105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:29:40 -0700 X-CSE-ConnectionGUID: ITFdVq73S16PdfQQfEXY8A== X-CSE-MsgGUID: 6c39fWVORuKyHLBlob8PwQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="239431455" Received: from yzhao56-desk.sh.intel.com ([10.239.47.19]) by fmviesa005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:29:35 -0700 From: Yan Zhao To: dave.hansen@linux.intel.com, pbonzini@redhat.com, seanjc@google.com Cc: tglx@kernel.org, mingo@redhat.com, bp@alien8.de, kas@kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-coco@lists.linux.dev, kai.huang@intel.com, rick.p.edgecombe@intel.com, yan.y.zhao@intel.com, yilun.xu@linux.intel.com, vannapurve@google.com, ackerleytng@google.com, sagis@google.com, binbin.wu@linux.intel.com, xiaoyao.li@intel.com, isaku.yamahata@intel.com Subject: [PATCH v2 2/4] x86/tdx: Use PFN directly for unmapping guest private memory Date: Thu, 30 Apr 2026 09:49:48 +0800 Message-ID: <20260430014948.24226-1-yan.y.zhao@intel.com> X-Mailer: git-send-email 2.43.2 In-Reply-To: <20260430014852.24183-1-yan.y.zhao@intel.com> References: <20260430014852.24183-1-yan.y.zhao@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Sean Christopherson Remove struct page assumptions/constraints in APIs for unmapping guest private memory and have them take physical address directly. Having core TDX make assumptions that guest private memory must be backed by struct page (and/or folio) will create subtle dependencies on how KVM/guest_memfd allocates/manages memory (e.g., whether it uses memory allocated from core MM, if the memory is refcounted, or if the folio is split) that are easily avoided. [1]. KVM's MMUs work with PFNs. This is very much an intentional design choice. It ensures that the KVM MMUs remain flexible and are not too tightly tied to the regular CPU MMUs and the kernel code around them. Using "struct page" for TDX guest memory is not a good fit anywhere near the KVM MMU code [2]. Therefore, for unmapping guest private memory: export tdx_quirk_reset_paddr() for direct KVM invocation, and convert the SEAMCALL wrapper API tdh_phymem_page_wbinvd_hkid() to take PFN as input (thus updating mk_keyed_paddr() and tdh_phymem_page_wbinvd_tdr()). Intentionally have KVM pass PAGE_SIZE (rather than KVM_HPAGE_SIZE(level)) to tdx_quirk_reset_paddr() in tdx_sept_remove_private_spte() to avoid mixing in huge page changes. The KVM_BUG_ON() check for !PG_LEVEL_4K in tdx_sept_remove_private_spte() justifies using PAGE_SIZE. Do not convert tdx_reclaim_page() to use PFN as input since it currently does not remove guest private memory. Use "kvm_pfn_t pfn" for type safety. Using this KVM type is appropriate since APIs tdh_phymem_page_wbinvd_hkid() and tdx_quirk_reset_paddr() are exported to KVM only. [Yan: Use kvm_pfn_t,exclude tdx_reclaim_page(),use tdx_quirk_reset_paddr()] Signed-off-by: Sean Christopherson Signed-off-by: Yan Zhao Link: https://lore.kernel.org/all/aWgyhmTJphGQqO0Y@google.com [1] Link: https://lore.kernel.org/all/ac7V0g2q2hN3dU5u@google.com [2] Acked-by: Dave Hansen Acked-by: Kiryl Shutsemau Reviewed-by: Ackerley Tng Reviewed-by: Xiaoyao Li --- arch/x86/include/asm/tdx.h | 14 +++++--------- arch/x86/kvm/vmx/tdx.c | 6 +++--- arch/x86/virt/vmx/tdx/tdx.c | 9 +++++---- 3 files changed, 13 insertions(+), 16 deletions(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 619aed134c83..65f7d874fb5a 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -154,6 +154,7 @@ u32 tdx_get_nr_guest_keyids(void); void tdx_guest_keyid_free(unsigned int keyid); =20 void tdx_quirk_reset_page(struct page *page); +void tdx_quirk_reset_paddr(unsigned long base, unsigned long size); =20 struct tdx_td { /* TD root structure: */ @@ -177,15 +178,10 @@ struct tdx_vp { struct page **tdcx_pages; }; =20 -static inline u64 mk_keyed_paddr(u16 hkid, struct page *page) +static inline u64 mk_keyed_paddr(u16 hkid, kvm_pfn_t pfn) { - u64 ret; - - ret =3D page_to_phys(page); - /* KeyID bits are just above the physical address bits: */ - ret |=3D (u64)hkid << boot_cpu_data.x86_phys_bits; - - return ret; + /* KeyID bits are just above the physical address bits. */ + return PFN_PHYS(pfn) | ((u64)hkid << boot_cpu_data.x86_phys_bits); } =20 u64 tdh_vp_enter(struct tdx_vp *vp, struct tdx_module_args *args); @@ -218,7 +214,7 @@ u64 tdh_mem_page_remove(struct tdx_td *td, u64 gpa, enu= m pg_level level, u64 *ext_err1, u64 *ext_err2); u64 tdh_phymem_cache_wb(bool resume); u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td); -u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, struct page *page); +u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, kvm_pfn_t pfn); #else static inline void tdx_init(void) { } static inline u32 tdx_get_nr_guest_keyids(void) { return 0; } diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index 9b47dd257ff4..a2aadc6d0174 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -1774,8 +1774,8 @@ static int tdx_sept_free_private_spt(struct kvm *kvm,= gfn_t gfn, static void tdx_sept_remove_private_spte(struct kvm *kvm, gfn_t gfn, enum pg_level level, u64 mirror_spte) { - struct page *page =3D pfn_to_page(spte_to_pfn(mirror_spte)); struct kvm_tdx *kvm_tdx =3D to_kvm_tdx(kvm); + kvm_pfn_t pfn =3D spte_to_pfn(mirror_spte); gpa_t gpa =3D gfn_to_gpa(gfn); u64 err, entry, level_state; =20 @@ -1814,11 +1814,11 @@ static void tdx_sept_remove_private_spte(struct kvm= *kvm, gfn_t gfn, if (TDX_BUG_ON_2(err, TDH_MEM_PAGE_REMOVE, entry, level_state, kvm)) return; =20 - err =3D tdh_phymem_page_wbinvd_hkid((u16)kvm_tdx->hkid, page); + err =3D tdh_phymem_page_wbinvd_hkid((u16)kvm_tdx->hkid, pfn); if (TDX_BUG_ON(err, TDH_PHYMEM_PAGE_WBINVD, kvm)) return; =20 - tdx_quirk_reset_page(page); + tdx_quirk_reset_paddr(PFN_PHYS(pfn), PAGE_SIZE); } =20 void tdx_deliver_interrupt(struct kvm_lapic *apic, int delivery_mode, diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index b24b81cea5ea..e5a37ea2d4a0 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -710,7 +710,7 @@ static __init int tdmrs_set_up_pamt_all(struct tdmr_inf= o_list *tdmr_list, * to normal kernel memory. Systems with the X86_BUG_TDX_PW_MCE erratum ne= ed to * do the conversion explicitly via MOVDIR64B. */ -static void tdx_quirk_reset_paddr(unsigned long base, unsigned long size) +void tdx_quirk_reset_paddr(unsigned long base, unsigned long size) { const void *zero_page =3D (const void *)page_address(ZERO_PAGE(0)); unsigned long phys, end; @@ -729,6 +729,7 @@ static void tdx_quirk_reset_paddr(unsigned long base, u= nsigned long size) */ mb(); } +EXPORT_SYMBOL_FOR_KVM(tdx_quirk_reset_paddr); =20 void tdx_quirk_reset_page(struct page *page) { @@ -1920,17 +1921,17 @@ u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td) { struct tdx_module_args args =3D {}; =20 - args.rcx =3D mk_keyed_paddr(tdx_global_keyid, td->tdr_page); + args.rcx =3D mk_keyed_paddr(tdx_global_keyid, page_to_pfn(td->tdr_page)); =20 return seamcall(TDH_PHYMEM_PAGE_WBINVD, &args); } EXPORT_SYMBOL_FOR_KVM(tdh_phymem_page_wbinvd_tdr); =20 -u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, struct page *page) +u64 tdh_phymem_page_wbinvd_hkid(u64 hkid, kvm_pfn_t pfn) { struct tdx_module_args args =3D {}; =20 - args.rcx =3D mk_keyed_paddr(hkid, page); + args.rcx =3D mk_keyed_paddr(hkid, pfn); =20 return seamcall(TDH_PHYMEM_PAGE_WBINVD, &args); } --=20 2.43.2 From nobody Fri Jun 12 00:08:36 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A46F1286419; Thu, 30 Apr 2026 02:29:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516198; cv=none; b=HM+L4WagZnTmj1nxeMubdnkq5YRGtDf75OtnnAOqvviacL+VYAjLyiohDKK9LXAtvpgQFFKsyuAE3TVOvE+r14cfrj7qCKDlj0cfrUh0fQHwbnZ0rhAKTUMPn7+QZZBuPAZK7+WJ+ABHxkrvPRHF4LlurU7dASeSFOM/l0Gpku0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516198; c=relaxed/simple; bh=7g2f6LCTv8f/LvX4WFfquF4gdXy5ZEpwx3NFWtieX7A=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uin+kYhqNw1YVhEmWy70Ah9o/e4+o1mVsGwrsa+7e3XN15Kneib5aJ88dapTCa9lhxl2hZvRSnPMOT1b5JzvzxQO0JqnW2DTa/cogQtGeLlGHJ15Gtok4RnugUP0Dk/6+j5BKb2lbs9RflAXMIH6YS9YT6PzVe0c46ghtyN2q98= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=duEdYARn; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="duEdYARn" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1777516198; x=1809052198; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7g2f6LCTv8f/LvX4WFfquF4gdXy5ZEpwx3NFWtieX7A=; b=duEdYARnnGSCPCR2s1lSlzo8CsMx0ROmOPevXamBGqEZMEokIS8/9Fvi N9Ijfmosn4UMrrj1KxyxgY5z+2otqGDYVJWiyXBH6sKDfSH/tM0Fk1lmL VhPep32P2YhmYjAd1FI61GFbk0XgTbbMcngvJFodOSiVT84tOChHujd1Q Wk0P0ZahCmfMTo7PM2b/9/dA5wG/HuWb7ZCNZpVIXNFxZql7xmHE37FmM L8nq1Aabl2fWGpEA2sAxSE9S2VrFFuhAv+bETTkBVEs6qwLb2LLWeLMWi X1vNWOW+hARQ7uhbIACryBRfDx3NgPRAPRLQBMCFaje9471qyGR86l9ta Q==; X-CSE-ConnectionGUID: 6WpPIblFRueyc/2+rGRY7A== X-CSE-MsgGUID: 1TT3xb5lSISXXX6u7VwyKw== X-IronPort-AV: E=McAfee;i="6800,10657,11771"; a="88770192" X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="88770192" Received: from fmviesa010.fm.intel.com ([10.60.135.150]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:29:53 -0700 X-CSE-ConnectionGUID: am+iOdmfTfCE/+xNRkyzxA== X-CSE-MsgGUID: bjtP4w3/TzCdiy5M9m0YHw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="230090172" Received: from yzhao56-desk.sh.intel.com ([10.239.47.19]) by fmviesa010-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:29:48 -0700 From: Yan Zhao To: dave.hansen@linux.intel.com, pbonzini@redhat.com, seanjc@google.com Cc: tglx@kernel.org, mingo@redhat.com, bp@alien8.de, kas@kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-coco@lists.linux.dev, kai.huang@intel.com, rick.p.edgecombe@intel.com, yan.y.zhao@intel.com, yilun.xu@linux.intel.com, vannapurve@google.com, ackerleytng@google.com, sagis@google.com, binbin.wu@linux.intel.com, xiaoyao.li@intel.com, isaku.yamahata@intel.com Subject: [PATCH v2 3/4] x86/tdx: Drop exported function tdx_quirk_reset_page() Date: Thu, 30 Apr 2026 09:50:01 +0800 Message-ID: <20260430015001.24242-1-yan.y.zhao@intel.com> X-Mailer: git-send-email 2.43.2 In-Reply-To: <20260430014852.24183-1-yan.y.zhao@intel.com> References: <20260430014852.24183-1-yan.y.zhao@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" KVM invokes tdx_quirk_reset_page() to reset TDX control pages (including S-EPT pages, TDR page, etc.), as all those pages are allocated by KVM TDX and thus always have struct page. However, it's also reasonable for KVM to reset those TDX control pages via tdx_quirk_reset_paddr() directly, eliminating the need to export two parallel APIs. Keeping tdx_quirk_reset_page() as a one-line helper in the header file is also unnecessary. No functional change intended. Suggested-by: Paolo Bonzini Suggested-by: Xiaoyao Li Signed-off-by: Yan Zhao Acked-by: Dave Hansen Acked-by: Kiryl Shutsemau Reviewed-by: Ackerley Tng Reviewed-by: Xiaoyao Li --- arch/x86/include/asm/tdx.h | 1 - arch/x86/kvm/vmx/tdx.c | 4 ++-- arch/x86/virt/vmx/tdx/tdx.c | 6 ------ 3 files changed, 2 insertions(+), 9 deletions(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 65f7d874fb5a..9c63deaa0e8f 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -153,7 +153,6 @@ int tdx_guest_keyid_alloc(void); u32 tdx_get_nr_guest_keyids(void); void tdx_guest_keyid_free(unsigned int keyid); =20 -void tdx_quirk_reset_page(struct page *page); void tdx_quirk_reset_paddr(unsigned long base, unsigned long size); =20 struct tdx_td { diff --git a/arch/x86/kvm/vmx/tdx.c b/arch/x86/kvm/vmx/tdx.c index a2aadc6d0174..9bd4fd748e2a 100644 --- a/arch/x86/kvm/vmx/tdx.c +++ b/arch/x86/kvm/vmx/tdx.c @@ -343,7 +343,7 @@ static int tdx_reclaim_page(struct page *page) =20 r =3D __tdx_reclaim_page(page); if (!r) - tdx_quirk_reset_page(page); + tdx_quirk_reset_paddr(page_to_phys(page), PAGE_SIZE); return r; } =20 @@ -597,7 +597,7 @@ static void tdx_reclaim_td_control_pages(struct kvm *kv= m) if (TDX_BUG_ON(err, TDH_PHYMEM_PAGE_WBINVD, kvm)) return; =20 - tdx_quirk_reset_page(kvm_tdx->td.tdr_page); + tdx_quirk_reset_paddr(page_to_phys(kvm_tdx->td.tdr_page), PAGE_SIZE); =20 __free_page(kvm_tdx->td.tdr_page); kvm_tdx->td.tdr_page =3D NULL; diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index e5a37ea2d4a0..deb67e68f85f 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -731,12 +731,6 @@ void tdx_quirk_reset_paddr(unsigned long base, unsigne= d long size) } EXPORT_SYMBOL_FOR_KVM(tdx_quirk_reset_paddr); =20 -void tdx_quirk_reset_page(struct page *page) -{ - tdx_quirk_reset_paddr(page_to_phys(page), PAGE_SIZE); -} -EXPORT_SYMBOL_FOR_KVM(tdx_quirk_reset_page); - static __init void tdmr_quirk_reset_pamt(struct tdmr_info *tdmr) =20 { --=20 2.43.2 From nobody Fri Jun 12 00:08:36 2026 Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9EAD94C81; Thu, 30 Apr 2026 02:30:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=198.175.65.11 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516206; cv=none; b=I2psPXDlJaX3+7MkdaHAZ5vl/TK79siN4olvub4lOt7USQrTCFvWA3zdWmsmLVo5CpPuICEwZql0zsbARqd8UOjV9Gf1iGbRtaLKyfzazbCGbgqJ/6R1pecaOXKeS9Ypr2HRa8gg1sDaQqr8LV8Bi9d9ddxIfRovtZyL1RtM+yE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1777516206; c=relaxed/simple; bh=W20h4mNal54IzmOL9brZpbD6vtPfbqbc4RdwPgZVbfk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=JBv0PDvzAKynBfbzd+68bEg5ymiXoiTC8YfEO23b6XPQFaFKaJU0iWb9V1NWsR/RF8cZEuJPK2hIDPYgTc71Ip+cBzU4nfx9HjCXkB4EHjfNUCPKuNAXmZ6idsrwVSEY289zJTFdXCrooC8O6jUWA8ky6u02Y2wn01gHpfwsHwk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=AKbW/oPl; arc=none smtp.client-ip=198.175.65.11 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="AKbW/oPl" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1777516206; x=1809052206; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=W20h4mNal54IzmOL9brZpbD6vtPfbqbc4RdwPgZVbfk=; b=AKbW/oPlYKFVygLCa/K3+5BiGgo8eJipLa2hI33CeMxzh/H0ayK5cp4c 8b/Jno236MgvLwLoNyJx+bXUNR4Mb6PsULjG/EhuP1Yqk3GS+zmjpQoId 9fWAJrRnbpsJ6zcQzwprBIOe4H/uOKiTMHKphsti6EU9zTu+mx1Kzd2md Vw5sf9PzM2NHP8FVRcBZ0wWH5d7Bst3tifvmZ/WkG/OWyCE4vg+JkmDd/ xUKWOKJsav4pDXtdnhxYhiV8t3NnOLWKVZCrGy9Xh6mTGLZa8T5xVYdcI /Xh8n3r1JyGzFiMSDQVTjXfJd2K7voIs/j0oVnUPi4Pf3KY4muhGqsJKM g==; X-CSE-ConnectionGUID: ud6wTsjhTvC0b8iVvKWF6A== X-CSE-MsgGUID: wJxHykNbQXOWY47cNMBf2A== X-IronPort-AV: E=McAfee;i="6800,10657,11771"; a="88770257" X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="88770257" Received: from fmviesa010.fm.intel.com ([10.60.135.150]) by orvoesa103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:30:05 -0700 X-CSE-ConnectionGUID: IBazfshSTimLpLL98SinGA== X-CSE-MsgGUID: CSCjpH1jQfKzJQHPM1deGQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.23,207,1770624000"; d="scan'208";a="230090240" Received: from yzhao56-desk.sh.intel.com ([10.239.47.19]) by fmviesa010-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Apr 2026 19:30:01 -0700 From: Yan Zhao To: dave.hansen@linux.intel.com, pbonzini@redhat.com, seanjc@google.com Cc: tglx@kernel.org, mingo@redhat.com, bp@alien8.de, kas@kernel.org, x86@kernel.org, linux-kernel@vger.kernel.org, kvm@vger.kernel.org, linux-coco@lists.linux.dev, kai.huang@intel.com, rick.p.edgecombe@intel.com, yan.y.zhao@intel.com, yilun.xu@linux.intel.com, vannapurve@google.com, ackerleytng@google.com, sagis@google.com, binbin.wu@linux.intel.com, xiaoyao.li@intel.com, isaku.yamahata@intel.com Subject: [PATCH v2 4/4] x86/virt/tdx: Move mk_keyed_paddr() to tdx.c due to no external users Date: Thu, 30 Apr 2026 09:50:14 +0800 Message-ID: <20260430015014.24261-1-yan.y.zhao@intel.com> X-Mailer: git-send-email 2.43.2 In-Reply-To: <20260430014852.24183-1-yan.y.zhao@intel.com> References: <20260430014852.24183-1-yan.y.zhao@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Move mk_keyed_paddr() from tdx.h to tdx.c to avoid unnecessary header inclusion and improve encapsulation since there are no users outside of tdx.c. No functional change intended. Signed-off-by: Yan Zhao Acked-by: Dave Hansen Acked-by: Kiryl Shutsemau Reviewed-by: Xiaoyao Li --- arch/x86/include/asm/tdx.h | 6 ------ arch/x86/virt/vmx/tdx/tdx.c | 6 ++++++ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h index 9c63deaa0e8f..503f9a3f46d6 100644 --- a/arch/x86/include/asm/tdx.h +++ b/arch/x86/include/asm/tdx.h @@ -177,12 +177,6 @@ struct tdx_vp { struct page **tdcx_pages; }; =20 -static inline u64 mk_keyed_paddr(u16 hkid, kvm_pfn_t pfn) -{ - /* KeyID bits are just above the physical address bits. */ - return PFN_PHYS(pfn) | ((u64)hkid << boot_cpu_data.x86_phys_bits); -} - u64 tdh_vp_enter(struct tdx_vp *vp, struct tdx_module_args *args); u64 tdh_mng_addcx(struct tdx_td *td, struct page *tdcs_page); u64 tdh_mem_page_add(struct tdx_td *td, u64 gpa, kvm_pfn_t pfn, struct pag= e *source, diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c index deb67e68f85f..967482ae3c80 100644 --- a/arch/x86/virt/vmx/tdx/tdx.c +++ b/arch/x86/virt/vmx/tdx/tdx.c @@ -1911,6 +1911,12 @@ u64 tdh_phymem_cache_wb(bool resume) } EXPORT_SYMBOL_FOR_KVM(tdh_phymem_cache_wb); =20 +static inline u64 mk_keyed_paddr(u16 hkid, kvm_pfn_t pfn) +{ + /* KeyID bits are just above the physical address bits. */ + return PFN_PHYS(pfn) | ((u64)hkid << boot_cpu_data.x86_phys_bits); +} + u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td) { struct tdx_module_args args =3D {}; --=20 2.43.2