On Fri, 2022-04-01 at 18:13 +1300, Kai Huang wrote: > > --- a/arch/x86/kvm/mmu/mmu.c > > +++ b/arch/x86/kvm/mmu/mmu.c > > @@ -617,9 +617,9 @@ static int mmu_spte_clear_track_bits(struct kvm *kvm, > > u64 *sptep) > > int level = sptep_to_sp(sptep)->role.level; > > > > if (!spte_has_volatile_bits(old_spte)) > > - __update_clear_spte_fast(sptep, 0ull); > > + __update_clear_spte_fast(sptep, shadow_init_value); > > else > > - old_spte = __update_clear_spte_slow(sptep, 0ull); > > + old_spte = __update_clear_spte_slow(sptep, > > shadow_init_value); > > I guess it's better to have some comment here. Allow non-zero init value for > shadow PTE doesn't necessarily mean the initial value should be used when one > PTE is zapped. I think mmu_spte_clear_track_bits() is only called for mapping > of normal (shared) memory but not MMIO? Then perhaps it's better to have a > comment to explain we want "suppress #VE" set to get a real EPT violation for > normal memory access from guest? Btw, I think the relevant part of TDP MMU change should be included in this patch too otherwise TDP MMU is broken with this patch. Actually in this series legacy MMU is not supported to work with TDX, so above change to legacy MMU doesn't matter actually. Instead, TDP MMU change should be here. -- Thanks, -Kai