Re: [PATCH] KVM: x86/mmu: Don't create SPTEs for addresses that aren't mappable

[Edgecombe, Rick P]

On Wed, 2026-02-18 at 16:22 -0800, Sean Christopherson wrote:
> +static void reset_tdp_unmappable_mask(struct kvm_mmu *mmu)
> +{
> +	int max_addr_bit;
> +
> +	switch (mmu->root_role.level) {
> +	case PT64_ROOT_5LEVEL:
> +		max_addr_bit = 52;
> +		break;
> +	case PT64_ROOT_4LEVEL:
> +		max_addr_bit = 48;
> +		break;
> +	case PT32E_ROOT_LEVEL:
> +		max_addr_bit = 32;
> +		break;
> +	default:
> +		WARN_ONCE(1, "Unhandled root level %u\n", mmu->root_role.level);
> +		mmu->unmappable_mask = 0;

Would it be better to set max_addr_bit to 0 and let rsvd_bits() set it below?
Then the unknown case is safer about rejecting things.

> +		return;
> +	}
> +
> +	mmu->unmappable_mask = rsvd_bits(max_addr_bit, 63);
> +}
> +

Gosh, this forced me to expand my understanding of how the guest and host page
levels get glued together. Hopefully this is not too far off...

In the patch this function is passed both guest_mmu and root_mmu. So sometimes
it's going to be L1 GPA address, and sometimes (for AMD nested?) it's going to
be an L2 GVA. For the GVA case I don't see how PT32_ROOT_LEVEL can be omitted.
It would hit the warning?

But also the '5' case is weird because as a GVA the max addresse bits should be
57 and a GPA is should be 54. And that the TDP side uses 4 and 5 specifically,
so the PT64_ just happens to match.

So I'd think this needs a version for GVA and one for GPA.