On 4/5/22 10:48, Paolo Bonzini wrote:
On 3/4/22 20:49, isaku.yamahata@xxxxxxxxx wrote:+ if (kvm_init_sipi_unsupported(vcpu->kvm)) + /* + * TDX doesn't support INIT. Ignore INIT event. In the + * case of SIPI, the callback of + * vcpu_deliver_sipi_vector ignores it. + */ vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; - else - vcpu->arch.mp_state = KVM_MP_STATE_INIT_RECEIVED; + else { + kvm_vcpu_reset(vcpu, true); + if (kvm_vcpu_is_bsp(apic->vcpu)) + vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE; + else + vcpu->arch.mp_state = KVM_MP_STATE_INIT_RECEIVED; + }Should you check vcpu->arch.guest_state_protected instead of special-casing TDX? KVM_APIC_INIT is not valid for SEV-ES either, if I remember correctly.
While the INIT doesn't update any actual state that is in the encrypted VMSA, SEV-ES still calls kvm_vcpu_reset() to allow KVM to set any internal tracking state, etc. I haven't ever tested SEV-ES where that is bypassed.
Thanks, Tom
Paolo
