On Tue, 2022-03-29 at 10:52 -0700, Isaku Yamahata wrote: > On Mon, Mar 28, 2022 at 08:10:47AM +0000, > "Tian, Kevin" <kevin.tian@xxxxxxxxx> wrote: > > > > From: Huang, Kai <kai.huang@xxxxxxxxx> > > > Sent: Monday, March 28, 2022 11:55 AM > > > > > > SEAMRR and TDX KeyIDs are configured by BIOS and they are static during > > > machine's runtime. On the other hand, TDX module can be updated and > > > reinitialized at runtime (not supported in this series but will be supported in > > > the future). Theoretically, even P-SEAMLDR can be updated at runtime > > > (although > > > I think unlikely to be supported in Linux). Therefore I think detecting > > > SEAMRR > > > and TDX KeyIDs at boot fits better. > > > > If those info are static it's perfectly fine to detect them until they are > > required... and following are not solid cases (e.g. just exposing SEAM > > alone doesn't tell the availability of TDX) but let's also hear the opinions > > from others. > > One use case is cloud use case. If TDX module is initialized dynamically at > runtime, cloud management system wants to know if the physical machine is > capable of TDX in addition to if TDX module is initialized. Also how many TDs > can be run on the machine even when TDX module is not initialized yet. The > management system will schedule TDs based on those information. Thanks Isaku. I'll keep current way for now. -- Thanks, -Kai
