Re: [PATCH v10 02/11] x86/tdx: Introduce INTEL_TDX_GUEST config option

From: Josh Poimboeuf
Date: Mon Oct 11 2021 - 14:19:58 EST

Next message: Ondrej Mosnacek: "Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers"
Previous message: Mukunda,Vijendar: "Re: [PATCH 1/3] ASoc: amd: create platform device for VG machine driver"
In reply to: Kuppuswamy Sathyanarayanan: "[PATCH v10 02/11] x86/tdx: Introduce INTEL_TDX_GUEST config option"
Next in thread: Andi Kleen: "Re: [PATCH v10 02/11] x86/tdx: Introduce INTEL_TDX_GUEST config option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Oct 08, 2021 at 10:37:38PM -0700, Kuppuswamy Sathyanarayanan wrote:
> +config INTEL_TDX_GUEST
> + bool "Intel Trusted Domain Extensions (TDX) Guest Support"
> + depends on X86_64 && CPU_SUP_INTEL && PARAVIRT
> + depends on SECURITY
> + depends on X86_X2APIC
> + help
> + Provide support for running in a trusted domain on Intel processors
> + equipped with Trusted Domain Extensions. TDX is a Intel technology
> + that extends VMX and Memory Encryption with a new kind of virtual
> + machine guest called Trust Domain (TD). A TD is designed to run in
> + a CPU mode that protects the confidentiality of TD memory contents
> + and the TD’s CPU state from other software, including VMM. TDX guest
> + uses virtual X2APIC for interrupt management.

Why does it depend on SECURITY? It should at least be explained in the
commit message.

--
Josh

Next message: Ondrej Mosnacek: "Re: [PATCH v2 selinux] selinux: remove unneeded ipv6 hook wrappers"
Previous message: Mukunda,Vijendar: "Re: [PATCH 1/3] ASoc: amd: create platform device for VG machine driver"
In reply to: Kuppuswamy Sathyanarayanan: "[PATCH v10 02/11] x86/tdx: Introduce INTEL_TDX_GUEST config option"
Next in thread: Andi Kleen: "Re: [PATCH v10 02/11] x86/tdx: Introduce INTEL_TDX_GUEST config option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]