On 7/7/21 7:54 PM, isaku.yamahata@xxxxxxxxx wrote:
From: Xiaoyao Li <xiaoyao.li@xxxxxxxxx> Introduce a machine property, kvm-type, to allow the user to create a Trusted Domain eXtensions (TDX) VM, a.k.a. a Trusted Domain (TD), e.g.: # $QEMU \ -machine ...,kvm-type=tdx \ ... Only two types are supported: "legacy" and "tdx", with "legacy" being the default. Signed-off-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx> Co-developed-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx> Signed-off-by: Sean Christopherson <sean.j.christopherson@xxxxxxxxx> Signed-off-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
I am not a QEMU command line expert, so my mental model of this may be wrong, but: This seems to have a very broad scope on the command line and I am wondering if it's possible to associate it with a TDX command line object specifically to narrow its scope. I.e., is it possible to express this on the command line when launching something that is _not_ meant to be powered by TDX, such as an SEV guest? If it doesn't make sense to express that command line argument in a situation like that, perhaps it could be constrained only to the TDX-specific commandline objects.
