Re: [PATCH] x86/tdx: Preserve shared bit on mprotect()

From: Edgecombe, Rick P
Date: Fri Apr 12 2024 - 16:49:12 EST


On Fri, 2024-04-12 at 22:12 +0300, Kirill A. Shutemov wrote:
> The TDX guest platform takes one bit from the physical address to
> indicate if the page is shared (accessible by VMM). This bit is not part
> of the physical_mask and is not preserved during mprotect(). As a
> result, the 'shared' bit is lost during mprotect() on shared mappings.
>
> _COMMON_PAGE_CHG_MASK specifies which PTE bits need to be preserved
> during modification. AMD includes 'sme_me_mask' in the define to
> preserve the 'encrypt' bit.
>
> To cover both Intel and AMD cases, include 'cc_mask' in
> _COMMON_PAGE_CHG_MASK instead of 'sme_me_mask'.
>
> Signed-off-by: Kirill A. Shutemov <kirill.shutemov@xxxxxxxxxxxxxxx>
> Fixes: 41394e33f3a0 ("x86/tdx: Extend the confidential computing API to support TDX guests")
> Cc: Tom Lendacky <thomas.lendacky@xxxxxxx>
> Cc: Chris Oo <cho@xxxxxxxxxxxxx>
> Cc: Dexuan Cui <decui@xxxxxxxxxxxxx>

Reviewed-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>

So does this mean there is shared memory mapped to userspace? Or is this a
theoretical correctness thing?
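
The masking behaviour described in the quoted commit message, as an added user-space model that is not part of the original e-mail or the kernel's own code. The bit positions, the `model_*` names, and the reduction of the preserve mask to frame bits plus one confidential-computing mask are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint64_t pteval_t;

/* Constructed values for this model; the page gives no bit positions. */
#define PAGE_PRESENT  (1ULL << 0)
#define PAGE_RW       (1ULL << 1)
#define PAGE_USER     (1ULL << 2)
#define SHARED_BIT    (1ULL << 51)                 /* assumed TDX shared bit */
#define PHYSICAL_MASK (SHARED_BIT - 1)             /* shared bit is not in physical_mask */
#define PFN_MASK      (PHYSICAL_MASK & ~0xfffULL)  /* frame-number bits of a PTE */

/* Bits in chg_mask are carried over from the old PTE; every other bit
 * comes from the new protection value (simplified pte_modify() model). */
static pteval_t model_pte_modify(pteval_t pte, pteval_t newprot, pteval_t chg_mask)
{
    return (pte & chg_mask) | (newprot & ~chg_mask);
}

/* Simplified preserve mask: frame bits plus whichever confidential-computing
 * mask is folded in (sme_me_mask before the patch, cc_mask after it). */
static pteval_t model_chg_mask(pteval_t coco_mask)
{
    return PFN_MASK | coco_mask;
}

/* A shared, writable user mapping made read-only, as mprotect(PROT_READ) would. */
static pteval_t model_mprotect_readonly(pteval_t coco_mask)
{
    pteval_t old_pte = (0x12345ULL << 12) | SHARED_BIT | PAGE_PRESENT | PAGE_RW | PAGE_USER;
    pteval_t newprot = PAGE_PRESENT | PAGE_USER;   /* assumed: carries no shared bit */
    return model_pte_modify(old_pte, newprot, model_chg_mask(coco_mask));
}

int main(void)
{
    pteval_t sme_me_mask = 0;          /* assumed zero on a TDX guest */
    pteval_t cc_mask = SHARED_BIT;     /* assumed: cc_mask is the shared bit on TDX */
    pteval_t before = model_mprotect_readonly(sme_me_mask);
    pteval_t after = model_mprotect_readonly(cc_mask);

    printf("sme_me_mask in mask: pte=%#llx shared=%d\n",
           (unsigned long long)before, (before & SHARED_BIT) != 0);
    printf("cc_mask in mask:     pte=%#llx shared=%d\n",
           (unsigned long long)after, (after & SHARED_BIT) != 0);
    return 0;
}
```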