On 8/6/22 01:05, Sean Christopherson wrote:
!is_large_pte(spte)) { + u64 page_mask; + + /* + * Ensure nx_huge_page_disallowed is read after checking for a + * present shadow page. A different vCPU may be concurrently + * installing the shadow page if mmu_lock is held for read. + * Pairs with the smp_wmb() in kvm_tdp_mmu_map(). + */ + smp_rmb(); + + if (!spte_to_child_sp(spte)->nx_huge_page_disallowed) + return; +
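Review bot: the smp_rmb() here only orders the earlier load of `spte` (the one feeding the `!is_large_pte(spte)` check) against the later read of `spte_to_child_sp(spte)->nx_huge_page_disallowed`, and neither that load nor the paired `smp_wmb()` in `kvm_tdp_mmu_map()` is visible in this hunk, so the pairing lives only in a cross-file comment. Consider reading the SPTE with `smp_load_acquire()` and installing it with `smp_store_release()` on the writer side, which attaches the ordering to the access it protects; failing that, the comment should name the exact load it pairs against rather than "checking for a present shadow page". Note also that the comment's "if mmu_lock is held for read" describes when the race is possible, not when the barrier is needed: the `smp_rmb()` must stay unconditional.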
I wonder if the barrier shouldn't be simply in to_shadow_page(), i.e. always assume in the TDP MMU code that sp->xyz is read after the SPTE that points to that struct kvm_mmu_page.
Paolo
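The ordering the quoted hunk relies on, and the alternative floated in the reply of folding the barrier into the lookup helper, as an added example that is not part of the thread or of KVM. It is a user-space model: a producer fully initialises a "shadow page", issues a release fence (the kernel's smp_wmb()), and only then publishes the pointer through an "SPTE" slot; a consumer that sees a non-NULL slot issues an acquire fence (smp_rmb()) before touching the page's fields. The names shadow_page, spte_slot, spte_to_sp_acquire and run_publish_consume are hypothetical stand-ins, not kernel identifiers; C11 fences replace the kernel barrier macros.

```c
/*
 * Added example, not KVM code: a pthreads model of the publish/consume
 * pattern behind "smp_rmb() pairs with the smp_wmb() in kvm_tdp_mmu_map()".
 * Names are hypothetical stand-ins for kvm_mmu_page and the SPTE slot.
 */
#include <pthread.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

struct shadow_page {
    bool nx_huge_page_disallowed;   /* field the consumer wants to read */
};

/* The "SPTE": NULL means not present, non-NULL points at the child page. */
static _Atomic(struct shadow_page *) spte_slot;
static struct shadow_page page_storage;

/* Writer side (models the vCPU installing the page in kvm_tdp_mmu_map()). */
static void *producer(void *arg)
{
    (void)arg;
    struct shadow_page *sp = &page_storage;

    sp->nx_huge_page_disallowed = true;              /* initialise fields... */
    atomic_thread_fence(memory_order_release);       /* ...kernel: smp_wmb() */
    atomic_store_explicit(&spte_slot, sp, memory_order_relaxed); /* publish */
    return NULL;
}

/*
 * Lookup helper with the barrier inside, modelling the suggestion that
 * to_shadow_page() should itself guarantee sp->xyz is read after the SPTE.
 * Returns NULL while the slot is not yet populated.
 */
static struct shadow_page *spte_to_sp_acquire(void)
{
    struct shadow_page *sp =
        atomic_load_explicit(&spte_slot, memory_order_relaxed);

    if (sp)
        atomic_thread_fence(memory_order_acquire);   /* kernel: smp_rmb() */
    return sp;
}

/* Reader side: spin until the page is present, then read its flag. */
static int consumer(void)
{
    struct shadow_page *sp;

    while ((sp = spte_to_sp_acquire()) == NULL)
        ;                                            /* not present yet */
    return sp->nx_huge_page_disallowed ? 1 : 0;
}

/*
 * Runs one producer/consumer round.  Returns the flag value the consumer
 * observed (1 with correct ordering) or -1 if the thread could not start.
 */
int run_publish_consume(void)
{
    pthread_t t;
    int seen;

    atomic_store(&spte_slot, NULL);                  /* slot starts empty */
    page_storage.nx_huge_page_disallowed = false;    /* stale value on purpose */

    if (pthread_create(&t, NULL, producer, NULL) != 0)
        return -1;
    seen = consumer();
    pthread_join(t, NULL);
    return seen;
}

int main(void)
{
    printf("consumer observed nx_huge_page_disallowed = %d\n",
           run_publish_consume());
    return 0;
}
```

Dropping the acquire fence in spte_to_sp_acquire() (or the release fence in producer()) turns the field read into a data race: on weakly ordered hardware the consumer may see the published pointer but the stale `false`, which is exactly the window the hunk's smp_rmb() closes. Putting the fence in the lookup helper, as the reply suggests, means every caller that dereferences the returned page gets the ordering without having to remember a free-standing barrier.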