On Mon, Apr 25, 2022 at 12:10:22PM -0700, Sagi Shahar <sagis@xxxxxxxxxx> wrote: > On Wed, Apr 6, 2022 at 5:50 PM Kai Huang <kai.huang@xxxxxxxxx> wrote: > > > > On Fri, 2022-03-04 at 11:49 -0800, isaku.yamahata@xxxxxxxxx wrote: > > > From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx> ... > > > @@ -914,14 +1014,23 @@ static int tdp_mmu_map_handle_target_level(struct kvm_vcpu *vcpu, > > > u64 new_spte; > > > int ret = RET_PF_FIXED; > > > bool wrprot = false; > > > + unsigned long pte_access = ACC_ALL; > > > > > > WARN_ON(sp->role.level != fault->goal_level); > > > + > > > + /* TDX shared GPAs are no executable, enforce this for the SDV. */ > > > + if (!kvm_is_private_gfn(vcpu->kvm, iter->gfn)) > > This should be: > if (kvm_gfn_stolen_mask(vcpu->kvm) && !kvm_is_private_gfn(vcpu->kvm, iter->gfn)) > > Otherwise, when TDX is disabled, all EPTs are going to be considered > as shared non-executable EPTs. Oops, will fix it. Thank you for pointing it out. -- Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
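Review bot: The `if (!kvm_is_private_gfn(vcpu->kvm, iter->gfn))` test added in tdp_mmu_map_handle_target_level() does not first check that the VM uses a stolen GFN bit at all. As Sagi points out in the reply, with TDX disabled every mapping would then be classified as shared and non-executable. Prefix the condition with `kvm_gfn_stolen_mask(vcpu->kvm) &&` so ordinary VMs keep `pte_access = ACC_ALL`. The comment above the test should read "not executable" rather than "no executable", and it should state whether the restriction is only a workaround for the SDV or is meant to stay, since the quoted lines do not say which.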