On Wed, Aug 14, 2024 at 11:08:49AM +0800, Yuan Yao wrote:
> On Mon, Aug 12, 2024 at 03:48:08PM -0700, Rick Edgecombe wrote:
> > From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
> > +static int __tdx_td_init(struct kvm *kvm)
> > +{
...
> > + /*
> > + * TDH.MNG.CREATE tries to grab the global TDX module and fails
> > + * with TDX_OPERAND_BUSY when it fails to grab. Take the global
> > + * lock to prevent it from failure.
> > + */
> > + mutex_lock(&tdx_lock);
> > + kvm_tdx->tdr_pa = tdr_pa;
> > + err = tdh_mng_create(kvm_tdx, kvm_tdx->hkid);
> > + mutex_unlock(&tdx_lock);
> > +
> > + if (err == TDX_RND_NO_ENTROPY) {
> > + kvm_tdx->tdr_pa = 0;
>
> code path after 'free_packages' set it to 0, so this can be removed.
>
> > + ret = -EAGAIN;
> > + goto free_packages;
> > + }
> > +
> > + if (WARN_ON_ONCE(err)) {
> > + kvm_tdx->tdr_pa = 0;
>
> Ditto.
Yes those seem unnecessary.
> > + kvm_tdx->tdcs_pa = tdcs_pa;
> > + for (i = 0; i < tdx_sysinfo_nr_tdcs_pages(); i++) {
> > + err = tdh_mng_addcx(kvm_tdx, tdcs_pa[i]);
> > + if (err == TDX_RND_NO_ENTROPY) {
> > + /* Here it's hard to allow userspace to retry. */
> > + ret = -EBUSY;
> > + goto teardown;
> > + }
> > + if (WARN_ON_ONCE(err)) {
> > + pr_tdx_error(TDH_MNG_ADDCX, err);
> > + ret = -EIO;
> > + goto teardown;
>
> This and above 'goto teardown' under same for() free the
> partially added TDCX pages w/o take ownership back, may
> 'goto teardown_reclaim' (or any better name) below can
> handle this, see next comment for this patch.
...
> > +teardown:
> > + for (; i < tdx_sysinfo_nr_tdcs_pages(); i++) {
> > + if (tdcs_pa[i]) {
> > + free_page((unsigned long)__va(tdcs_pa[i]));
> > + tdcs_pa[i] = 0;
> > + }
> > + }
> > + if (!kvm_tdx->tdcs_pa)
> > + kfree(tdcs_pa);
>
> Add 'teardown_reclaim:' Here, pair with my last comment.
Makes sense, I'll do patch.
Regards,
Tony
