On Fri, Jun 18, 2021 at 16:50:45 +0800, Zhenzhong Duan wrote: > * What's TDX? > TDX stands for Trust Domain Extensions which isolates VMs from > the virtual-machine manager (VMM)/hypervisor and any other software on > the platform. > > To support TDX, multiple software components, not only KVM but also QEMU, > guest Linux and virtual bios, need to be updated. For more details, please > check link[1], there are TDX spec links and public repository link at github > for each software component. > > This patchset is another software component to extend libvirt to support TDX, > with which one can start a VM from high level rather than running qemu directly. > > > * The goal of this RFC patch > The purpose of this post is to get feedback early on high level design issue of > libvirt enhancement for TDX. Referenced much on AMD SEV implemention at link[2]. > > > * Patch organization > > - patch 1-2: Support query of TDX capabilities. > - patch 3-6: Add a new xml element 'TrustDomain' for TDX support. > - patch 7: Sure kvmSupportsSecureGuest cache updated. > > Using these patches we have succesfully booted and tested a guest both with and > without TDX enabled. > > > [1] https://lkml.org/lkml/2020/11/16/1106 > [2] https://github.com/codomania/libvirt/commits/v9 Could you please also point to the relevant qemu patches? The first commit mentions 'query-tdx-capabilities' which is not in qemu upstream yet.
