On Thu, 2025-10-30 at 16:40 -0700, Sean Christopherson wrote: > On Thu, Oct 30, 2025, Kai Huang wrote: > > On Thu, 2025-10-30 at 13:09 -0700, Sean Christopherson wrote: > > > Pass in the mirror_spte to kvm_x86_ops.set_external_spte() to provide > > > symmetry with .remove_external_spte(), and assert in TDX that the mirror > > > SPTE is shadow-present with full RWX permissions (the TDX-Module doesn't > > > allow the hypervisor to control protections). > > > > > > Signed-off-by: Sean Christopherson <[email protected]> > > > > Reviewed-by: Kai Huang <[email protected]> > > > > [...] > > > > > static int tdx_sept_set_private_spte(struct kvm *kvm, gfn_t gfn, > > > - enum pg_level level, kvm_pfn_t pfn) > > > + enum pg_level level, u64 mirror_spte) > > > { > > > struct kvm_tdx *kvm_tdx = to_kvm_tdx(kvm); > > > + kvm_pfn_t pfn = spte_to_pfn(mirror_spte); > > > > > > /* TODO: handle large pages. */ > > > if (KVM_BUG_ON(level != PG_LEVEL_4K, kvm)) > > > return -EIO; > > > > > > + WARN_ON_ONCE(!is_shadow_present_pte(mirror_spte) || > > > + (mirror_spte & VMX_EPT_RWX_MASK) != VMX_EPT_RWX_MASK); > > > + > > > > Nit: > > > > I am a little bit confused about when to use WARN_ON_ONCE() and > > KVM_BUG_ON(). :-) > > Very loosely: WARN if there's a decent chance carrying on might be fine, > KVM_BUG_ON() if there's a good chance carrying on will crash the host and/or > corrupt the guest, e.g. if KVM suspects a hardware/TDX-Module issue.
Makes sense. Thanks.
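Review bot: In tdx_sept_set_private_spte(), pfn is taken from the SPTE with spte_to_pfn(mirror_spte) at declaration, before the new WARN_ON_ONCE() checks is_shadow_present_pte(mirror_spte), and the result of the WARN is not used. A mirror SPTE that is not present or not RWX would therefore only warn, and the function would carry on with a PFN extracted from that SPTE. The KVM_BUG_ON(level != PG_LEVEL_4K, kvm) check just above it returns -EIO. Either bail out the same way when the assertion fires, or add a short comment above the WARN stating that callers guarantee a shadow-present RWX SPTE and that continuing is harmless. That would also record the WARN versus KVM_BUG_ON reasoning from this thread in the code.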
