Re: [PATCH v5 08/12] x86/tdx: Add HLT support for TDX guest

From: Sean Christopherson
Date: Tue Aug 24 2021 - 14:01:25 EST


On Tue, Aug 24, 2021, Borislav Petkov wrote:
> On Tue, Aug 24, 2021 at 05:06:21PM +0000, Sean Christopherson wrote:
> > It would be helpful to use local variables to document what's up, e.g.
> >
> > const bool irqs_enabled = true;
> > const bool do_sti = true;
> >
> > ret = _tdx_hypercall(EXIT_REASON_HLT, irqs_enabled, 0, 0, do_sti, NULL);
>
> Wait, is this do_sti thing supposed to be:
>
> * ... But this
> * change is not required for all HLT cases. So use R15
> * register value to identify the case which needs sti. So,
> * if R11 is EXIT_REASON_HLT and R15 is 1, then call sti
> * before TDCALL instruction.
>
> ?
>
>
> > > > + ret = _tdx_hypercall(EXIT_REASON_HLT, 0, 0, 0, 1, NULL);
>                                                       ^^^
> Yeah, it must be it - the 1 there.
>
> And what's with the irqs_enabled first parameter?
>
> Is that used by the TDX module?

It's passed to the (untrusted) VMM. The TDX Module has direct access to the guest's
entire FLAGS via the VMCS.

The VMM uses the "IRQs enabled" param to understand whether or not it should
schedule the halted vCPU if an IRQ becomes pending. E.g. if IRQs are disabled
the VMM can keep the vCPU in virtual HLT, even if an IRQ is pending, without
hanging/breaking the guest.