On Mon, Jun 21, 2021 at 02:14:32 +0000, Duan, Zhenzhong wrote:
> > -----Original Message-----
> > From: Peter Krempa <pkrempa@xxxxxxxxxx>
> > Sent: Friday, June 18, 2021 7:07 PM
> > To: Duan, Zhenzhong <zhenzhong.duan@xxxxxxxxx>
> > Cc: libvir-list@xxxxxxxxxx; Yamahata, Isaku <isaku.yamahata@xxxxxxxxx>;
> > Tian, Jun J <jun.j.tian@xxxxxxxxx>; Qiang, Chenyi <chenyi.qiang@xxxxxxxxx>
> > Subject: Re: [RFC PATCH 0/7] LIBVIRT: X86: TDX support
> >
> > On Fri, Jun 18, 2021 at 16:50:45 +0800, Zhenzhong Duan wrote:
> > > * What's TDX?
> > > TDX stands for Trust Domain Extensions which isolates VMs from the
> > > virtual-machine manager (VMM)/hypervisor and any other software on the
> > > platform.
> > >
> > > To support TDX, multiple software components, not only KVM but also
> > > QEMU, guest Linux and virtual bios, need to be updated. For more
> > > details, please check link[1], there are TDX spec links and public
> > > repository link at github for each software component.
> > >
> > > This patchset is another software component to extend libvirt to
> > > support TDX, with which one can start a VM from high level rather than
> > > running qemu directly.
> > >
> > >
> > > * The goal of this RFC patch
> > > The purpose of this post is to get feedback early on high level design
> > > issue of libvirt enhancement for TDX. Referenced much on AMD SEV
> > > implementation at link[2].
> > >
> > >
> > > * Patch organization
> > >
> > > - patch 1-2: Support query of TDX capabilities.
> > > - patch 3-6: Add a new xml element 'TrustDomain' for TDX support.
> > > - patch 7: Sure kvmSupportsSecureGuest cache updated.
> > >
> > > Using these patches we have successfully booted and tested a guest both
> > > with and without TDX enabled.
> > >
> > >
> > > [1] https://lkml.org/lkml/2020/11/16/1106
> > > [2] https://github.com/codomania/libvirt/commits/v9
> >
> > Could you please also point to the relevant qemu patches?
> >
> > The first commit mentions 'query-tdx-capabilities' which is not in qemu
> > upstream yet.
> Hi Peter,
>
> Sorry, seems qemu patches link is missed in [1]. List all links below for your reference.
>
> kvm TDX branch: https://github.com/intel/tdx/tree/kvm
> TDX guest branch: https://github.com/intel/tdx/tree/guest
> TDVF branch: https://github.com/tianocore/edk2-staging/tree/TDVF
> qemu TDX branch: https://github.com/intel/qemu-tdx/tree/tdx

In my quick search I didn't find any reference to those patches on the
qemu-devel mailing list.

Please note that libvirt accepts only features which are supported by
the upstream releases [1] of the hypervisor in question.

Thus if the qemu part indeed wasn't yet posted for review to qemu-devel
you should do so if you want this series to be accepted in libvirt.

[1] Pushed upstream waiting for the next release is okay.