Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks

[PATCH v3 00/25] KVM: x86/mmu: TDX post-populate cleanups · Sean Christopherson <seanjc@google.com> · 2025-10-17
[PATCH v3 01/25] KVM: Make support for kvm_arch_vcpu_async_ioctl() mandatory · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 01/25] KVM: Make support for kvm_arch_vcpu_async_ioctl() mandatory · Claudio Imbrenda <imbrenda@linux.ibm.com> · 2025-10-17
[PATCH v3 02/25] KVM: Rename kvm_arch_vcpu_async_ioctl() to kvm_arch_vcpu_unlocked_ioctl() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 02/25] KVM: Rename kvm_arch_vcpu_async_ioctl() to kvm_arch_vcpu_unlocked_ioctl() · Claudio Imbrenda <imbrenda@linux.ibm.com> · 2025-10-17
[PATCH v3 03/25] KVM: TDX: Drop PROVE_MMU=y sanity check on to-be-populated mappings · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 03/25] KVM: TDX: Drop PROVE_MMU=y sanity check on to-be-populated mappings · Binbin Wu <hidden> · 2025-10-22
[PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-21
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Yan Zhao <hidden> · 2025-10-21
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Sean Christopherson <seanjc@google.com> · 2025-10-21
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Yan Zhao <hidden> · 2025-10-22
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Sean Christopherson <seanjc@google.com> · 2025-10-22
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Yan Zhao <hidden> · 2025-10-23
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Yan Zhao <hidden> · 2025-10-22
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Yan Zhao <hidden> · 2025-10-30
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Sean Christopherson <seanjc@google.com> · 2025-11-04
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Yan Zhao <hidden> · 2025-11-05
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Yan Zhao <hidden> · 2025-11-05
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Sean Christopherson <seanjc@google.com> · 2025-11-05
Re: [PATCH v3 04/25] KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU · Huang, Kai <hidden> · 2025-10-23
[PATCH v3 05/25] Revert "KVM: x86/tdp_mmu: Add a helper function to walk down the TDP MMU" · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 05/25] Revert "KVM: x86/tdp_mmu: Add a helper function to walk down the TDP MMU" · Binbin Wu <hidden> · 2025-10-22
Re: [PATCH v3 05/25] Revert "KVM: x86/tdp_mmu: Add a helper function to walk down the TDP MMU" · Huang, Kai <hidden> · 2025-10-23
[PATCH v3 06/25] KVM: x86/mmu: Rename kvm_tdp_map_page() to kvm_tdp_page_prefault() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 06/25] KVM: x86/mmu: Rename kvm_tdp_map_page() to kvm_tdp_page_prefault() · Binbin Wu <hidden> · 2025-10-22
Re: [PATCH v3 06/25] KVM: x86/mmu: Rename kvm_tdp_map_page() to kvm_tdp_page_prefault() · Huang, Kai <hidden> · 2025-10-23
[PATCH v3 07/25] KVM: TDX: Drop superfluous page pinning in S-EPT management · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 07/25] KVM: TDX: Drop superfluous page pinning in S-EPT management · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-21
[PATCH v3 08/25] KVM: TDX: Return -EIO, not -EINVAL, on a KVM_BUG_ON() condition · Sean Christopherson <seanjc@google.com> · 2025-10-17
[PATCH v3 09/25] KVM: TDX: Fold tdx_sept_drop_private_spte() into tdx_sept_remove_private_spte() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 09/25] KVM: TDX: Fold tdx_sept_drop_private_spte() into tdx_sept_remove_private_spte() · Huang, Kai <hidden> · 2025-10-23
Re: [PATCH v3 09/25] KVM: TDX: Fold tdx_sept_drop_private_spte() into tdx_sept_remove_private_spte() · Sean Christopherson <seanjc@google.com> · 2025-10-23
Re: [PATCH v3 09/25] KVM: TDX: Fold tdx_sept_drop_private_spte() into tdx_sept_remove_private_spte() · Huang, Kai <hidden> · 2025-10-23
[PATCH v3 10/25] KVM: x86/mmu: Drop the return code from kvm_x86_ops.remove_external_spte() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 10/25] KVM: x86/mmu: Drop the return code from kvm_x86_ops.remove_external_spte() · Yan Zhao <hidden> · 2025-10-22
Re: [PATCH v3 10/25] KVM: x86/mmu: Drop the return code from kvm_x86_ops.remove_external_spte() · Sean Christopherson <seanjc@google.com> · 2025-10-22
[PATCH v3 11/25] KVM: TDX: Avoid a double-KVM_BUG_ON() in tdx_sept_zap_private_spte() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 11/25] KVM: TDX: Avoid a double-KVM_BUG_ON() in tdx_sept_zap_private_spte() · Huang, Kai <hidden> · 2025-10-23
[PATCH v3 12/25] KVM: TDX: Use atomic64_dec_return() instead of a poor equivalent · Sean Christopherson <seanjc@google.com> · 2025-10-17
[PATCH v3 13/25] KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 13/25] KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller · Huang, Kai <hidden> · 2025-10-23
Re: [PATCH v3 13/25] KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller · Huang, Kai <hidden> · 2025-10-24
Re: [PATCH v3 13/25] KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller · Binbin Wu <hidden> · 2025-10-24
Re: [PATCH v3 13/25] KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller · Sean Christopherson <seanjc@google.com> · 2025-10-24
Re: [PATCH v3 13/25] KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller · Binbin Wu <hidden> · 2025-10-27
Re: [PATCH v3 13/25] KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller · Sean Christopherson <seanjc@google.com> · 2025-10-28
[PATCH v3 14/25] KVM: TDX: Bug the VM if extended the initial measurement fails · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 14/25] KVM: TDX: Bug the VM if extended the initial measurement fails · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-21
Re: [PATCH v3 14/25] KVM: TDX: Bug the VM if extended the initial measurement fails · Sean Christopherson <seanjc@google.com> · 2025-10-23
Re: [PATCH v3 14/25] KVM: TDX: Bug the VM if extended the initial measurement fails · Huang, Kai <hidden> · 2025-10-23
Re: [PATCH v3 14/25] KVM: TDX: Bug the VM if extended the initial measurement fails · Sean Christopherson <seanjc@google.com> · 2025-10-24
Re: [PATCH v3 14/25] KVM: TDX: Bug the VM if extended the initial measurement fails · Yan Zhao <hidden> · 2025-10-27
[PATCH v3 15/25] KVM: TDX: ADD pages to the TD image while populating mirror EPT entries · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 15/25] KVM: TDX: ADD pages to the TD image while populating mirror EPT entries · Huang, Kai <hidden> · 2025-10-24
[PATCH v3 16/25] KVM: TDX: Fold tdx_sept_zap_private_spte() into tdx_sept_remove_private_spte() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 16/25] KVM: TDX: Fold tdx_sept_zap_private_spte() into tdx_sept_remove_private_spte() · Huang, Kai <hidden> · 2025-10-24
[PATCH v3 17/25] KVM: TDX: Combine KVM_BUG_ON + pr_tdx_error() into TDX_BUG_ON() · Sean Christopherson <seanjc@google.com> · 2025-10-17
[PATCH v3 18/25] KVM: TDX: Derive error argument names from the local variable names · Sean Christopherson <seanjc@google.com> · 2025-10-17
[PATCH v3 19/25] KVM: TDX: Assert that mmu_lock is held for write when removing S-EPT entries · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 19/25] KVM: TDX: Assert that mmu_lock is held for write when removing S-EPT entries · Yan Zhao <hidden> · 2025-10-23
Re: [PATCH v3 19/25] KVM: TDX: Assert that mmu_lock is held for write when removing S-EPT entries · Sean Christopherson <seanjc@google.com> · 2025-10-23
Re: [PATCH v3 19/25] KVM: TDX: Assert that mmu_lock is held for write when removing S-EPT entries · Yan Zhao <hidden> · 2025-10-24
[PATCH v3 20/25] KVM: TDX: Add macro to retry SEAMCALLs when forcing vCPUs out of guest · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 20/25] KVM: TDX: Add macro to retry SEAMCALLs when forcing vCPUs out of guest · Huang, Kai <hidden> · 2025-10-24
Re: [PATCH v3 20/25] KVM: TDX: Add macro to retry SEAMCALLs when forcing vCPUs out of guest · Sean Christopherson <seanjc@google.com> · 2025-10-27
Re: [PATCH v3 20/25] KVM: TDX: Add macro to retry SEAMCALLs when forcing vCPUs out of guest · Huang, Kai <hidden> · 2025-10-27
[PATCH v3 21/25] KVM: TDX: Add tdx_get_cmd() helper to get and validate sub-ioctl command · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 21/25] KVM: TDX: Add tdx_get_cmd() helper to get and validate sub-ioctl command · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-21
Re: [PATCH v3 21/25] KVM: TDX: Add tdx_get_cmd() helper to get and validate sub-ioctl command · Huang, Kai <hidden> · 2025-10-24
[PATCH v3 22/25] KVM: TDX: Convert INIT_MEM_REGION and INIT_VCPU to "unlocked" vCPU ioctl · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 22/25] KVM: TDX: Convert INIT_MEM_REGION and INIT_VCPU to "unlocked" vCPU ioctl · Huang, Kai <hidden> · 2025-10-24
[PATCH v3 23/25] KVM: TDX: Use guard() to acquire kvm->lock in tdx_vm_ioctl() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 23/25] KVM: TDX: Use guard() to acquire kvm->lock in tdx_vm_ioctl() · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-21
Re: [PATCH v3 23/25] KVM: TDX: Use guard() to acquire kvm->lock in tdx_vm_ioctl() · Sean Christopherson <seanjc@google.com> · 2025-10-21
Re: [PATCH v3 23/25] KVM: TDX: Use guard() to acquire kvm->lock in tdx_vm_ioctl() · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-21
Re: [PATCH v3 23/25] KVM: TDX: Use guard() to acquire kvm->lock in tdx_vm_ioctl() · Huang, Kai <hidden> · 2025-10-24
[PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Yan Zhao <hidden> · 2025-10-24
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Sean Christopherson <seanjc@google.com> · 2025-10-24
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Yan Zhao <hidden> · 2025-10-27
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-27
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Sean Christopherson <seanjc@google.com> · 2025-10-27
[PATCH] KVM: TDX: Take MMU lock around tdh_vp_init() · Rick Edgecombe <rick.p.edgecombe@intel.com> · 2025-10-28
Re: [PATCH] KVM: TDX: Take MMU lock around tdh_vp_init() · Yan Zhao <hidden> · 2025-10-28
Re: [PATCH] KVM: TDX: Take MMU lock around tdh_vp_init() · Binbin Wu <hidden> · 2025-10-29
Re: [PATCH] KVM: TDX: Take MMU lock around tdh_vp_init() · Sean Christopherson <seanjc@google.com> · 2025-11-18
Re: [PATCH] KVM: TDX: Take MMU lock around tdh_vp_init() · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-11-19
Re: [PATCH] KVM: TDX: Take MMU lock around tdh_vp_init() · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-11-19
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Yan Zhao <hidden> · 2025-10-28
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · "Edgecombe, Rick P" <rick.p.edgecombe@intel.com> · 2025-10-28
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Huang, Kai <hidden> · 2025-10-24
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Huang, Kai <hidden> · 2025-10-28
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Sean Christopherson <seanjc@google.com> · 2025-10-28
Re: [PATCH v3 24/25] KVM: TDX: Guard VM state transitions with "all" the locks · Huang, Kai <hidden> · 2025-10-28
[PATCH v3 25/25] KVM: TDX: Fix list_add corruption during vcpu_load() · Sean Christopherson <seanjc@google.com> · 2025-10-17
Re: [PATCH v3 25/25] KVM: TDX: Fix list_add corruption during vcpu_load() · Yan Zhao <hidden> · 2025-10-20

From: Sean Christopherson <seanjc@google.com>
Date: 2025-10-27 18:10:52
Also in: kvm, kvm-riscv, kvmarm, linux-coco, linux-mips, linux-riscv, linuxppc-dev, lkml, loongarch

On Mon, Oct 27, 2025, Rick P Edgecombe wrote:

On Mon, 2025-10-27 at 17:26 +0800, Yan Zhao wrote:

quoted

Ugh, I'd rather not?  Refresh me, what's the story with "v1"?  Are we now on
v2?

No... We are now on v1.
As in [1], I found that TDX module changed SEAMCALL TDH_VP_INIT behavior to
require exclusive lock on resource TDR when leaf_opcode.version > 0.

Therefore, we moved KVM_TDX_INIT_VCPU to tdx_vcpu_unlocked_ioctl() in patch
22.

[1] https://lore.kernel.org/all/aLa34QCJCXGLk%2Ffl@yzhao56-desk.sh.intel.com/ (local)

Looking at the PDF docs, TDR exclusive locking in version == 1 is called out at
least back to the oldest ABI docs I have (March 2024). Not sure about the
assertion that the behavior changed, but if indeed this was documented, it's a
little bit our bad. We might consider being flexible around calling it a TDX ABI
break?

Sean, can you elaborate why taking mmu_lock is objectionable here, though?

It's not, I was just hoping we could avoid yet more complexity.

Assuming we do indeed need to take mmu_lock, can you send a patch that applies
on top?  I'm not planning on sending any of this to stable@, so I don't see any
reason to try and juggle patches around.

Note, myself (and I think Yan?) determined the locking by examining TDX module
source. For myself, it's possible I misread the locking originally.

Also, I'm not sure about switching gears at this point, but it makes me wonder
about the previously discussed option of trying to just duplicate the TDX locks
on the kernel side.

Please no.  At best that will yield a pile of effectively useless code.  At worst,
it will make us lazy and lead to real bugs because we don't propery guard the *KVM*
flows that need exclusivity relative to what is going on in the TDX-Module.

Or perhaps make some kind of debug time lockdep type thing to document/check
the assumptions in the kernel. Something along the lines of this patch, but
to map the TDX locks to KVM locks or something. As we add more things (DPAMT,
etc), it doesn't seem like the TDX locking is getting tamer...

Hmm, I like the idea, but actually getting meaningful coverage could be quite
difficult.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help