On Fri, May 13, 2022 at 12:50 PM Sean Christopherson <seanjc@xxxxxxxxxx> wrote:
>
> Add a comment to FNAME(sync_page) to explain why the TLB flushing logic
> conspicuously doesn't handle the scenario of guest protections being
> reduced. Specifically, if synchronizing a SPTE drops execute protections,
> KVM will not emit a TLB flush, whereas dropping writable or clearing A/D
> bits does trigger a flush via mmu_spte_update(). Architecturally, until
> the GPTE is implicitly or explicitly flushed from the guest's perspective,
> KVM is not required to flush any old, stale translations.
>
> Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx>
> ---

Reviewed-by: Jim Mattson <jmattson@xxxxxxxxxx>