The break apart looks good.

On Sat, 2023-12-23 at 02:52 +0300, Kirill A. Shutemov wrote:

+       while (addr < end) {
+               unsigned long size;
+               unsigned int level;
+               pte_t *pte;
+
+               pte = lookup_address(addr, &level);
+               size = page_level_size(level);
+
+               if (pte && pte_decrypted(*pte)) {
+                       int pages = size / PAGE_SIZE;
+
+                       /*
+                        * Touching memory with shared bit set
triggers implicit
+                        * conversion to shared.
+                        *
+                        * Make sure nobody touches the shared range
from
+                        * now on.
+                        */
+                       set_pte(pte, __pte(0));

Does this need a full shootdown at this point, at least in the crash
case? A local flush for the non-crash case might be nice too.

Also, probably a barrier() between set_pte() and
tdx_enc_status_changed().

+
+                       if (!tdx_enc_status_changed(addr, pages,
true)) {
+                               pr_err("Failed to unshare range %#lx-
%#lx\n",
+                                      addr, addr + size);
+                       }