Re: [PATCH 04/15] x86/virt/tdx: Enable the Extensions right after basic TDX Module init

Next message: Vinod Koul: "Re: [PATCH v4 2/3] dmaengine: atcdmac300: Add driver for Andes ATCDMAC300 DMA controller"
Previous message: Jan Kara: "Re: [PATCH v3 0/2] fanotify: lift pidfd reporting restrictions"
Next in thread: Peter Fang: "Re: [PATCH 04/15] x86/virt/tdx: Enable the Extensions right after basic TDX Module init"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Xu Yilun

Date: Mon Jun 08 2026 - 07:07:22 EST

> > +static __init int init_tdx_ext(void)
> > {
> > int ret;
> > @@ -1373,6 +1373,10 @@ static __init int init_tdx_module(void)
> > if (ret)
> > goto err_reset_pamts;
> > + ret = init_tdx_ext();
> > + if (ret)
> > + goto err_reset_pamts;
>
> Is it a reasonable policy to fail TDX bringup entirely upon failing
> initialization of extensions (which are "add-on features")?

mm.. I think TDX Extension is not strictly an add-on feature from OS
POV. It is still a fundamental TDX infrastructure. Host should not
look into the Module and create substates like Base-good-Extension-bad or
both-good. There are some considerations:

- Extension cannot be explicitly configured by TDH.SYS.CONFIG, it is
implicitly configured by TDX Module if an add-on feature requires it.

- There is no enumeration of which SEAMCALLs are Extension-SEAMCALLs so
Base-good-Extension-bad actually brings more chaos later.

So the series is making all effort to make TDX bringup a stateless
process, no intermediate state.

>
> The handling of tdx_quote_init() in Patch 6 suggests a more
> best-effort approach.

TDX Quoting is however a clear self-contained add-on feature from OS POV.
Though I'm not sure if a TDX platform is still a safe TCB with DICE
available but failed, and good for "best-effort" policy? Maybe Peter
could answer.
>