Re: [PATCH v12 12/23] KVM: selftests: Add helper to initialize TDX VM

[Binbin Wu]

On 10/29/2025 5:20 AM, Sagi Shahar wrote:
> KVM_TDX_INIT_VM needs to be called after KVM_CREATE_VM and before
> creating any VCPUs, thus before KVM_SET_CPUID2. KVM_TDX_INIT_VM accepts
> the CPUID values directly.
This sentence seems not accurate.
KVM_TDX_INIT_VM, i.e. the seamcall TDH.MNG.INIT, allows only directly
configurable CPUID bits to be 1.

> Since KVM_GET_CPUID2 can't be used at this point,

I don't think this is relevant.

As mentioned above, only directly configurable CPUID bits can be 1, so the
CPUIDs input for KVM_TDX_INIT_VM should be filtered against the supported
directly configurable CPUID bits.

>   calculate the CPUID
> values manually by using kvm_get_supported_cpuid() and filter the
> returned CPUIDs against the supported CPUID values read from the TDX

supported CPUID -> supported configurable CPUID

> module.
[...]