RE: [PATCH v2 19/31] iommu/vt-d: Reserve the MSB domain ID bit for the TDX module
From: Tian, Kevin
Date: Thu Apr 09 2026 - 03:17:04 EST
> From: Xu Yilun <yilun.xu@xxxxxxxxxxxxxxx>
> Sent: Saturday, March 28, 2026 12:01 AM
>
> +
> +static bool platform_is_tdxc_enhanced(void)
platform_support_tdxc()
> +{
> + static int tvm_usable = -1;
> + int ret;
> +
> + /* only need to parse once */
> + if (tvm_usable != -1)
> + return !!tvm_usable;
> +
> + tvm_usable = 0;
> + ret = acpi_table_parse_keyp(ACPI_KEYP_TYPE_CONFIG_UNIT,
> + keyp_config_unit_tvm_usable,
> &tvm_usable);
> + if (ret < 0)
> + tvm_usable = 0;
this is useless. tvm_usable is already set to '0' before the function call.
> +
> + return !!tvm_usable;
> +}
> +
> +static unsigned long iommu_max_domain_id(struct intel_iommu *iommu)
> +{
> + unsigned long ndoms = cap_ndoms(iommu->cap);
> +
> + /*
> + * Intel TDX Connect Architecture Specification, Section 2.2 Trusted
> DMA
> + *
> + * When IOMMU is enabled to support TDX Connect, the IOMMU
> restricts
> + * the VMM’s DID setting, reserving the MSB bit for the TDX module.
> The
> + * TDX module always sets this reserved bit on the trusted DMA table.
> + */
> + if (ecap_tdxc(iommu->ecap) && platform_is_tdxc_enhanced()) {
> + pr_info_once("Most Significant Bit of domain ID
> reserved.\n");
'... reserved for TDX Connect'
> + return ndoms >> 1;
> + }
> +
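Review bot: In platform_is_tdxc_enhanced(), the cached value is published before the result is known: `tvm_usable = 0;` is written to the function-static before acpi_table_parse_keyp() runs, so any caller that enters during the parse passes the `tvm_usable != -1` check and gets false. For that caller, iommu_max_domain_id() would skip the `ndoms >> 1` branch even on a platform where the KEYP table later reports the unit as usable, leaving the MSB of the domain ID unreserved. If this path can be reached from more than one context, parse into a local int and assign the static once after the call returns; if callers are always serialized, a short comment stating that would make the cache safe to rely on.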
Here we need more words to explain the strategy here.
The comment says "When IOMMU is *enabled*...", but the code here
just checks the static capability. It's probably a design choice that you
don't want to add complexity on recycling DIDs when TDX Connect
is actually enabled, but it's worth a note here.
btw in patch23 commit msg:
"
There is no dedicated way to enumerate which IOMMU devices support
trusted operations. The host has to call TDH.IOMMU.SETUP on all IOMMU
devices and tell their trusted capability by the return value.
"
which implies that ecap_tdxc() alone doesn't really report the capability?
anyway all of those need a better explanation here...