Re: [PATCH v10 02/11] x86/tdx: Introduce INTEL_TDX_GUEST config option

From: Andi Kleen
Date: Mon Oct 11 2021 - 14:38:59 EST



On 10/11/2021 11:19 AM, Josh Poimboeuf wrote:
On Fri, Oct 08, 2021 at 10:37:38PM -0700, Kuppuswamy Sathyanarayanan wrote:
+config INTEL_TDX_GUEST
+ bool "Intel Trusted Domain Extensions (TDX) Guest Support"
+ depends on X86_64 && CPU_SUP_INTEL && PARAVIRT
+ depends on SECURITY
+ depends on X86_X2APIC
+ help
+ Provide support for running in a trusted domain on Intel processors
+ equipped with Trusted Domain Extensions. TDX is a Intel technology
+ that extends VMX and Memory Encryption with a new kind of virtual
+ machine guest called Trust Domain (TD). A TD is designed to run in
+ a CPU mode that protects the confidentiality of TD memory contents
+ and the TD’s CPU state from other software, including VMM. TDX guest
+ uses virtual X2APIC for interrupt management.
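
Review bot: the prompt string and the first help sentence spell the feature "Trusted Domain Extensions", while the same help text calls the guest type "Trust Domain (TD)"; use one spelling throughout so the option and its description agree. In the help text, "TDX is a Intel technology" should read "an Intel technology" and "including VMM" should read "including the VMM". The last help sentence accounts for `depends on X86_X2APIC`, but nothing in the visible lines accounts for `depends on SECURITY`, so either drop that dependency or state its reason in the commit message.
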
Why does it depend on SECURITY? It should at least be explained in the
commit message.

It can be dropped, it was only needed in an earlier version that used an LSM.

-Andi