Re: [GIT PULL] KVM: x86: MMU changes for 7.2

[Paolo Bonzini]

On Fri, Jun 12, 2026 at 2:48 AM Sean Christopherson <seanjc@xxxxxxxxxx> wrote:
>
> A big overhaul of the TDP MMU => S-EPT code in prepartion for Dynamic PAMT
> support.  The non-KVM changes have acks from Dave.
>
> The following changes since commit b7fbe9a1bf9ee6c967ef77d366ca58c35fcf1887:
>
>   Merge branch 'kvm-apx-prepare' into HEAD (2026-05-13 12:38:31 -0400)
>
> are available in the Git repository at:
>
>   https://github.com/kvm-x86/linux.git tags/kvm-x86-mmu-7.2
>
> for you to fetch changes up to 69397c92de77525f70aa43cf3a47256cef409382:
>
>   KVM: x86/mmu: Recursively zap orphaned nested TDP shadow pages on emulated writes (2026-06-08 15:23:09 -0700)
>
> ----------------------------------------------------------------
> KVM x86 MMU changes for 7.2
>
>  - Use the kernel's "enum pg_level" in the TDX APIs instead of the TDX-Module's
>    level definitions (which are 0-based).
>
>  - Rework the TDX memory APIs to not require/assume that guest memory is
>    backed by "struct page" (in prepartion for guest_memfd hugepage support).
>
>  - Overhaul the TDP MMU => S-EPT code to move as much S-EPT specific logic as
>    possible into the TDX code, and to funnel (almost) all S-EPT updates into
>    a single chokepoint.  The motivation is largely to prepare for upcoming
>    Dynamic PAMT support, but the cleanups are nice to have on their own.
>
>  - Plug a hole in the shadow MMU where KVM fails to recursively zap nested TDP
>    shadow when L1 is tearing its TDP page tables from the bottom up, as KVM's
>    TDP MMU now does.
>
> ----------------------------------------------------------------

Pulled, thanks.

Paolo

> Rick Edgecombe (4):
>       KVM: TDX: Move KVM_BUG_ON()s in __tdp_mmu_set_spte_atomic() to TDX code
>       KVM: TDX: Move lockdep assert in __tdp_mmu_set_spte_atomic() to TDX code
>       KVM: x86/tdp_mmu: Morph !is_frozen_spte() check into a KVM_MMU_WARN_ON()
>       KVM: x86/mmu: Drop KVM_BUG_ON() on shared lock to zap child external PTEs
>
> Sean Christopherson (17):
>       x86/tdx: Use pg_level in TDX APIs, not the TDX-Module's 0-based level
>       KVM: x86/mmu: Update iter->old_spte if cmpxchg64 on mirror SPTE "fails"
>       KVM: TDX: Account all non-transient page allocations for per-TD structures
>       KVM: x86: Make "external SPTE" ops that can fail RET0 static calls
>       x86/tdx: Use PFN directly for mapping guest private memory
>       x86/tdx: Use PFN directly for unmapping guest private memory
>       KVM: TDX: Drop kvm_x86_ops.link_external_spt()
>       KVM: TDX: Wrap mapping of leaf and non-leaf S-EPT entries into helpers
>       KVM: x86/mmu: Fold set_external_spte_present() into its sole caller
>       KVM: x86/mmu: Plumb param "old_spte" into kvm_x86_ops.set_external_spte()
>       KVM: x86/mmu: Plumb "sp" _pointer_ into the TDP MMU's handle_changed_spte()
>       KVM: x86/tdp_mmu: Centrally propagate to-present/atomic zap updates to external PTEs
>       KVM: TDX: Hoist tdx_sept_remove_private_spte() above set_private_spte()
>       KVM: TDX: Drop kvm_x86_ops.remove_external_spte()
>       KVM: x86: Move error handling inside free_external_spt()
>       KVM: TDX: Move external page table freeing to TDX code
>       KVM: x86/mmu: Recursively zap orphaned nested TDP shadow pages on emulated writes
>
> Yan Zhao (3):
>       x86/tdx: Drop exported function tdx_quirk_reset_page()
>       x86/virt/tdx: Move mk_keyed_paddr() to tdx.c due to no external users
>       KVM: TDX: Rename tdx_sept_remove_private_spte() to show it's for leaf SPTEs
>
>  arch/x86/include/asm/kvm-x86-ops.h |   4 +-
>  arch/x86/include/asm/kvm_host.h    |  13 +-
>  arch/x86/include/asm/tdx.h         |  34 ++---
>  arch/x86/kvm/mmu/mmu.c             |   2 +-
>  arch/x86/kvm/mmu/tdp_mmu.c         | 275 ++++++++++++++++---------------------
>  arch/x86/kvm/vmx/tdx.c             | 208 +++++++++++++++++-----------
>  arch/x86/virt/vmx/tdx/tdx.c        |  64 +++++----
>  7 files changed, 302 insertions(+), 298 deletions(-)
>