Re: [PATCH v10 05/16] x86/virt/tdx: Add skeleton to enable TDX on demand

[Huang, Kai]

On Wed, 2023-03-08 at 14:27 -0800, Isaku Yamahata wrote:
> > +
> > +static int try_init_module_global(void)
> > +{
> > +	int ret;
> > +
> > +	/*
> > +	 * The TDX module global initialization only needs to be done
> > +	 * once on any cpu.
> > +	 */
> > +	spin_lock(&tdx_global_init_lock);
> > +
> > +	if (tdx_global_init_status & TDX_GLOBAL_INIT_DONE) {
> > +		ret = tdx_global_init_status & TDX_GLOBAL_INIT_FAILED ?
> > +			-EINVAL : 0;
> > +		goto out;
> > +	}
> > +
> > +	/* All '0's are just unused parameters. */
> > +	ret = seamcall(TDH_SYS_INIT, 0, 0, 0, 0, NULL, NULL);
> > +
> > +	tdx_global_init_status = TDX_GLOBAL_INIT_DONE;
> > +	if (ret)
> > +		tdx_global_init_status |= TDX_GLOBAL_INIT_FAILED;
> 
> If entropy is lacking (rdrand failure), TDH_SYS_INIT can return TDX_SYS_BUSY.
> In such case, we should allow the caller to retry or make this function retry
> instead of marking error stickily.

The spec says:

TDX_SYS_BUSY	The operation was invoked when another TDX module
		operation was in progress. The operation may be retried.

So I don't see how entropy is lacking is related to this error.  Perhaps you
were mixing up with KEY.CONFIG?