Re: [PATCH] x86/sev: Make SEV_STATUS available via SYSFS

[Juergen Gross]

On 10.03.25 13:35, Joerg Roedel wrote:
> On Mon, Mar 10, 2025 at 01:28:38PM +0100, Juergen Gross wrote:
> > We can (saying that with my Xen maintainer hat on).
> >
> > There is /sys/hypervisor/type which should return the used virtualization
> > environment ("xen" when running as a Xen guest).
>
> In CoCo environments there can be more than one hypervisor beneath the
> guest. For example KVM as the untrusted host, SVSM or another para-visor
> as the trusted in-guest hypervisor. On TDX there is also the TDX module
> in-between, which is another level of hypervisors. ARM and Risc-V will
> have similar architectures.

There are multiple possible approaches here:

1. Only name the hypervisor nearest to the guest (similar to running Xen on
   top of another hypervisor in nested virtualization, which would still
   say "xen").

2. Add another entry for naming the outer hypervisor(s) (if possible).

3. Name all known hypervisor levels, like "kvm,svsm" or "svsm,kvm").

BTW, I've found another user of /sys/hypervisor: s390 running as a z/VM
guest is saying "z/VM Hypervisor" in /sys/hypervisor/type.


Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature