[GIT PULL] KVM: x86: MMU changes for 7.2

[Sean Christopherson]

A big overhaul of the TDP MMU => S-EPT code in prepartion for Dynamic PAMT
support.  The non-KVM changes have acks from Dave.

The following changes since commit b7fbe9a1bf9ee6c967ef77d366ca58c35fcf1887:

  Merge branch 'kvm-apx-prepare' into HEAD (2026-05-13 12:38:31 -0400)

are available in the Git repository at:

  https://github.com/kvm-x86/linux.git tags/kvm-x86-mmu-7.2

for you to fetch changes up to 69397c92de77525f70aa43cf3a47256cef409382:

  KVM: x86/mmu: Recursively zap orphaned nested TDP shadow pages on emulated writes (2026-06-08 15:23:09 -0700)

----------------------------------------------------------------
KVM x86 MMU changes for 7.2

 - Use the kernel's "enum pg_level" in the TDX APIs instead of the TDX-Module's
   level definitions (which are 0-based).

 - Rework the TDX memory APIs to not require/assume that guest memory is
   backed by "struct page" (in prepartion for guest_memfd hugepage support).

 - Overhaul the TDP MMU => S-EPT code to move as much S-EPT specific logic as
   possible into the TDX code, and to funnel (almost) all S-EPT updates into
   a single chokepoint.  The motivation is largely to prepare for upcoming
   Dynamic PAMT support, but the cleanups are nice to have on their own.

 - Plug a hole in the shadow MMU where KVM fails to recursively zap nested TDP
   shadow when L1 is tearing its TDP page tables from the bottom up, as KVM's
   TDP MMU now does.

----------------------------------------------------------------
Rick Edgecombe (4):
      KVM: TDX: Move KVM_BUG_ON()s in __tdp_mmu_set_spte_atomic() to TDX code
      KVM: TDX: Move lockdep assert in __tdp_mmu_set_spte_atomic() to TDX code
      KVM: x86/tdp_mmu: Morph !is_frozen_spte() check into a KVM_MMU_WARN_ON()
      KVM: x86/mmu: Drop KVM_BUG_ON() on shared lock to zap child external PTEs

Sean Christopherson (17):
      x86/tdx: Use pg_level in TDX APIs, not the TDX-Module's 0-based level
      KVM: x86/mmu: Update iter->old_spte if cmpxchg64 on mirror SPTE "fails"
      KVM: TDX: Account all non-transient page allocations for per-TD structures
      KVM: x86: Make "external SPTE" ops that can fail RET0 static calls
      x86/tdx: Use PFN directly for mapping guest private memory
      x86/tdx: Use PFN directly for unmapping guest private memory
      KVM: TDX: Drop kvm_x86_ops.link_external_spt()
      KVM: TDX: Wrap mapping of leaf and non-leaf S-EPT entries into helpers
      KVM: x86/mmu: Fold set_external_spte_present() into its sole caller
      KVM: x86/mmu: Plumb param "old_spte" into kvm_x86_ops.set_external_spte()
      KVM: x86/mmu: Plumb "sp" _pointer_ into the TDP MMU's handle_changed_spte()
      KVM: x86/tdp_mmu: Centrally propagate to-present/atomic zap updates to external PTEs
      KVM: TDX: Hoist tdx_sept_remove_private_spte() above set_private_spte()
      KVM: TDX: Drop kvm_x86_ops.remove_external_spte()
      KVM: x86: Move error handling inside free_external_spt()
      KVM: TDX: Move external page table freeing to TDX code
      KVM: x86/mmu: Recursively zap orphaned nested TDP shadow pages on emulated writes

Yan Zhao (3):
      x86/tdx: Drop exported function tdx_quirk_reset_page()
      x86/virt/tdx: Move mk_keyed_paddr() to tdx.c due to no external users
      KVM: TDX: Rename tdx_sept_remove_private_spte() to show it's for leaf SPTEs

 arch/x86/include/asm/kvm-x86-ops.h |   4 +-
 arch/x86/include/asm/kvm_host.h    |  13 +-
 arch/x86/include/asm/tdx.h         |  34 ++---
 arch/x86/kvm/mmu/mmu.c             |   2 +-
 arch/x86/kvm/mmu/tdp_mmu.c         | 275 ++++++++++++++++---------------------
 arch/x86/kvm/vmx/tdx.c             | 208 +++++++++++++++++-----------
 arch/x86/virt/vmx/tdx/tdx.c        |  64 +++++----
 7 files changed, 302 insertions(+), 298 deletions(-)