Re: [RFC PATCH v5 008/104] KVM: TDX: Add a function to initialize TDX module
From: Isaku Yamahata
Date: Fri Apr 01 2022 - 16:18:14 EST
On Fri, Apr 01, 2022 at 02:56:40PM +0800,
Xiaoyao Li <xiaoyao.li@xxxxxxxxx> wrote:
> On 4/1/2022 3:41 AM, Isaku Yamahata wrote:
> > On Thu, Mar 31, 2022 at 04:31:10PM +1300,
> > Kai Huang <kai.huang@xxxxxxxxx> wrote:
> >
> > > On Fri, 2022-03-04 at 11:48 -0800, isaku.yamahata@xxxxxxxxx wrote:
> > > > From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
> >
> > > > Add a wrapper function to initialize the TDX module and get system-wide
> > > > parameters via those APIs. Because TDX requires VMX enabled, It will be
> > > > called on-demand when the first guest TD is created via x86 KVM init_vm
> > > > callback.
> > >
> > > Why not just merge this patch with the change where you implement the init_vm
> > > callback? Then you can just declare this patch as "detect and initialize TDX
> > > module when first VM is created", or something like that..
> >
> > Ok. Anyway in the next respoin, tdx module initialization will be done when
> > loading kvm_intel.ko. So the whole part will be changed and will be a part
> > of module loading.
>
> Will we change the GET_TDX_CAPABILITIES ioctl back to KVM scope?
No because it system scoped KVM_TDX_CAPABILITIES requires one more callback for
it. We can reduce the change.
Or do you have any use case for system scoped KVM_TDX_CAPABILITIES?
--
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>