Re: [RFC PATCH v2 66/69] KVM: TDX: Add "basic" support for building and running Trust Domains

From: Xiaoyao Li
Date: Sun Oct 24 2021 - 08:59:47 EST


On 10/22/2021 5:44 AM, Sagi Shahar wrote:
On Fri, Jul 2, 2021 at 3:06 PM, Isaku Yamahata
<isaku.yamahata@xxxxxxxxx> wrote:
Subject: [RFC PATCH v2 66/69] KVM: TDX: Add "basic" support for
building and running Trust Domains


+static int tdx_map_gpa(struct kvm_vcpu *vcpu)
+{
+ gpa_t gpa = tdvmcall_p1_read(vcpu);
+ gpa_t size = tdvmcall_p2_read(vcpu);
+
+ if (!IS_ALIGNED(gpa, 4096) || !IS_ALIGNED(size, 4096) ||
+ (gpa + size) < gpa ||
+ (gpa + size) > vcpu->kvm->arch.gfn_shared_mask << (PAGE_SHIFT + 1))
+ tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_INVALID_OPERAND);
+ else
+ tdvmcall_set_return_code(vcpu, TDG_VP_VMCALL_SUCCESS);
+
+ return 1;
+}

This function looks like a no op in case of success. Is this
intentional? Is this mapping handled somewhere else later on?


Yes, it's intentional.

The mapping will be exactly set up in EPT violation handler when the GPA is really accessed.