On Thu, Dec 22, 2022 at 3:19 PM Vishal Annapurve <vannapurve@xxxxxxxxxx> wrote:
>
> On Tue, Oct 18, 2022 at 1:59 PM Peter Gonda <pgonda@xxxxxxxxxx> wrote:
> >
> > ...
> > +
> > +static void configure_sev_pte_masks(struct kvm_vm *vm)
> > +{
> > + uint32_t eax, ebx, ecx, edx, enc_bit;
> > +
> > + cpuid(CPUID_MEM_ENC_LEAF, &eax, &ebx, &ecx, &edx);
> > + enc_bit = ebx & CPUID_EBX_CBIT_MASK;
> > +
> > + vm->arch.c_bit = 1 << enc_bit;
>
> This should be 1ULL << enc_bit as the overall result overflows 32 bits.
>
> > + vm->arch.pte_me_mask = vm->arch.c_bit | vm->arch.s_bit;
>
> Maybe the role of pte_me_mask needs to be discussed in more detail. If
> pte_me_mask is to be used only for maintaining/manipulating encryption
> of page table memory then maybe it should be just set as
> vm->arch.c_bit or better yet replaced with vm->arch.c_bit.
>
> gpa_protected_mask also needs to be set here so that vm_untag_gpa
> works as expected.
Thanks for speaking with me offline about TDX. I have removed
pte_me_mask entirely and set gpa_protected_mask here in my V6.
>
> > + vm->protected = true;
> > +}
> > +
> > ...
> > +}
>
> > --
> > 2.38.0.413.g74048e4d9e-goog
> >
