On 5/17/21 11:37 AM, Sean Christopherson wrote:
Just remember, a "common framework" doesn't mean that it can't be backedYa, exactly. Ideally, generic code shouldn't have to differentiate between SEV,
by extremely arch-specific mechanisms.
For instance, there's a lot of pkey-specific code in mm/mprotect.c. It
still gets optimized away on x86 with all the goodness of X86_FEATUREs.
SEV-ES, SEV-SNP, TDX, etc..., a vanilla "bool is_protected_guest(void)" should
suffice. Under the hood, x86's implementation for is_protected_guest() can be
boot_cpu_has() checks (if we want).
What about the use case of protected_guest_has(flag)? Do you want to call it with
with X86_FEATURE_* flags outside arch/x86 code ?