Move tdx_guest::unprotect_gpa_range into IoMem creation

2025-06-08 21:06:48 +00:00 · 2025-04-17 16:28:24 +08:00 · 2025-04-17 16:28:24 +08:00 · ef898e572c
commit ef898e572c
parent 04a8fccd2f
2 changed files with 11 additions and 15 deletions
--- a/ostd/src/bus/pci/capability/msix.rs
+++ b/ostd/src/bus/pci/capability/msix.rs
@ -99,21 +99,6 @@ impl CapabilityMsixData {

        // Set message address 0xFEE0_0000
        for i in 0..table_size {
-            #[cfg(target_arch = "x86_64")]
-            crate::arch::if_tdx_enabled!({
-                // SAFETY:
-                // This is safe because we are ensuring that the physical address of the MSI-X table is valid before this operation.
-                // We are also ensuring that we are only unprotecting a single page.
-                // The MSI-X table will not exceed one page size, because the size of an MSI-X entry is 16 bytes, and 256 entries are required to fill a page,
-                // which is just equal to the number of all the interrupt numbers on the x86 platform.
-                // It is better to add a judgment here in case the device deliberately uses so many interrupt numbers.
-                // In addition, due to granularity, the minimum value that can be set here is only one page.
-                // Therefore, we are not causing any undefined behavior or violating any of the requirements of the `unprotect_gpa_range` function.
-                unsafe {
-                    crate::arch::tdx_guest::unprotect_gpa_range(table_bar.io_mem().paddr(), 1)
-                        .unwrap();
-                }
-            });
            // Set message address and disable this msix entry
            table_bar
                .io_mem()
--- a/ostd/src/io/io_mem/mod.rs
+++ b/ostd/src/io/io_mem/mod.rs
@ -90,6 +90,17 @@ impl IoMem {
            #[cfg(target_arch = "x86_64")]
            {
                crate::arch::if_tdx_enabled!({
+                    if first_page_start != range.start || last_page_end != range.end {
+                        panic!("Alignment check failed when TDX is enabled. Requested IoMem range: {:#x?}..{:#x?}", range.start, range.end);
+                    }
+
+                    let pages = (last_page_end - first_page_start) / PAGE_SIZE;
+                    // SAFETY:
+                    // This is safe because we are ensuring that the physical address must be in the I/O memory region, and only unprotecting this region.
+                    unsafe {
+                        crate::arch::tdx_guest::unprotect_gpa_range(first_page_start, pages).unwrap();
+                    }
+
                    PrivilegedPageFlags::SHARED
                } else {
                    PrivilegedPageFlags::empty()