Re: [PATCH 1/3] VFIO: take reference to the KVM module

[Xu Yilun]

On Wed, Apr 15, 2026 at 05:31:29PM -0700, Sean Christopherson wrote:
> On Fri, Apr 10, 2026, Dan Williams wrote:
> > Sean Christopherson wrote:
> > > +Dan
> > 
> > +Yilun
> > 
> > [..]
> > > I added Dan because the PCI TSM stuff is picking up "struct kvm *kvm" references,
> > > and I want to head that off too, i.e. have it use the file approach instead of
> > > whatever it plans on doing (can't tell from the code, because there are no users).
> > 
> > The PCI TSM *reference* for 'struct kvm *' will be inherited from
> > vfio/iommufd. However, the TSM driver needs some context to manipulate
> 
> I assume/hope it just need to read "struct kvm" state though?
> 
> > the VM. For example, TDX effectively needs:
> > 
> >     to_kvm_tdx(kvm)->td.tdr_page
> > 
> > ...for operations like TDH.TDI.CREATE that sets up the context for the
> > privately assigned device.
> > 
> > It could follow the example of arch/x86/kvm/mmu/page_track.c and do:
> > 
> >     kvm_tdx_tdi_create(struct file *kvm, ...)
> > 
> > ...and use file_to_kvm() for that limited helper that does not need to expose
> > 'struct kvm_tdx' outside of arch/x86/.
> 
> Any idea how many assets do you anticipate needing?  E.g. is it just the TDR
> page, or will TSM need a whole pile of information?

kvm_tdx needs to export several infomation for the whole TDX Connect
to work.

For TSM TDI bind (device secure state transition) part, it only needs
TDR page PA as the TD identifier for TDX Module.


For trusted setup in IOMMU driver, since trusted DMA reuses SEPT as
trusted IOPT, it needs EPT info - eptp_page_walk_level & ad_enabled to
setup trusted IOPT accordingly.

Also because of the page table reusing, IOMMU driver also need to
register a notifier to kvm_tdx for trusted IOTLB flushing on SEPT TLB
flushing.

Thanks,
Yilun