git.ipfire.org Git - thirdparty/kernel/linux.git/commit
KVM: TDX: WARN if mirror SPTE doesn't have full RWX when creating S-EPT mapping
author Sean Christopherson <seanjc@google.com>
Thu, 30 Oct 2025 20:09:35 +0000 (13:09 -0700)
committer Sean Christopherson <seanjc@google.com>
Wed, 5 Nov 2025 19:05:51 +0000 (11:05 -0800)
commit b9d5cf6de0b6bd3bdd8957b5fea5a243e43c928f
tree 5bb106d130758fe8e413302cd495f6022ca10923
parent 7139c860650535cf517a9344212ce56a21ba37f5
KVM: TDX: WARN if mirror SPTE doesn't have full RWX when creating S-EPT mapping

Pass in the mirror_spte to kvm_x86_ops.set_external_spte() to provide
symmetry with .remove_external_spte(), and assert in TDX that the mirror
SPTE is shadow-present with full RWX permissions (the TDX-Module doesn't
allow the hypervisor to control protections).

Reviewed-by: Binbin Wu <binbin.wu@linux.intel.com>
Reviewed-by: Kai Huang <kai.huang@intel.com>
Reviewed-by: Yan Zhao <yan.y.zhao@intel.com>
Tested-by: Yan Zhao <yan.y.zhao@intel.com>
Tested-by: Kai Huang <kai.huang@intel.com>
Link: https://patch.msgid.link/20251030200951.3402865-13-seanjc@google.com
Signed-off-by: Sean Christopherson <seanjc@google.com>
arch/x86/include/asm/kvm_host.h
arch/x86/kvm/mmu/tdp_mmu.c
arch/x86/kvm/vmx/tdx.c