On Thu, 2022-03-31 at 13:15 -0700, Isaku Yamahata wrote:
> On Thu, Mar 31, 2022 at 02:21:06PM +1300,
> Kai Huang <kai.huang@xxxxxxxxx> wrote:
>
> > On Fri, 2022-03-04 at 11:48 -0800, isaku.yamahata@xxxxxxxxx wrote:
> > > From: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
> > >
> > > MKTME keyid is assigned to guest TD. The memory controller encrypts guest
> > > TD memory with key id. Add helper functions to allocate/free MKTME keyid
> > > so that TDX KVM assign keyid.
> >
> > Using MKTME keyid is wrong, at least not accurate I think. We should
> > explicitly use "TDX private KeyID", which is clearly documented in the spec:
> >
> > https://software.intel.com/content/dam/develop/external/us/en/documents-tps/intel-tdx-cpu-architectural-specification.pdf
> >
> > Also, description of IA32_MKTME_KEYID_PARTITIONING MSR clearly says TDX private
> > KeyIDs span the range (NUM_MKTME_KIDS+1) through
> > (NUM_MKTME_KIDS+NUM_TDX_PRIV_KIDS). So please just use TDX private KeyID here.
> >
> > >
> > > Also export MKTME global keyid that is used to encrypt TDX module and its
> > > memory.
> >
> > This needs explanation why the global keyID needs to be exported.
>
> How about the followings?
>
> TDX private host key id is assigned to guest TD. The memory controller
> encrypts guest TD memory with the assigned host key id (HIKD). Add helper
> functions to allocate/free TDX private host key id so that TDX KVM manage
> it.

HIKD -> HKID.

You may also want to use KeyID in a consistent way (KeyID, keyid, key id, etc). The spec uses KeyID.

>
> Also export the global TDX private host key id that is used to encrypt TDX
> module, its memory and some dynamic data (e.g. TDR). When VMM releasing
> encrypted page to reuse it, the page needs to be flushed with the used host
> key id. VMM needs the global TDX private host key id to flush such pages
> TDX module accesses with the global TDX private host key id.

Fine to me.
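The range arithmetic discussed above (TDX private KeyIDs occupy NUM_MKTME_KIDS+1 through NUM_MKTME_KIDS+NUM_TDX_PRIV_KIDS, with one of them reserved as the global KeyID the TDX module itself uses) is easy to get off by one, and an allocator that hands out or frees the global KeyID would let a guest TD share the key that protects the TDX module. The following is an added illustration, not code from the patch or from the kernel: a host-side KeyID allocator written as plain user-space C so it can be compiled and run. It assumes the IA32_MKTME_KEYID_PARTITIONING bit layout from the spec (low 32 bits NUM_MKTME_KIDS, high 32 bits NUM_TDX_PRIV_KIDS), feeds a constructed MSR value instead of executing rdmsr, reserves the first TDX private KeyID as the global KeyID, and refuses to allocate or free it; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

/* Constructed sample value standing in for rdmsr(IA32_MKTME_KEYID_PARTITIONING):
 * NUM_MKTME_KIDS = 63 (bits 31:0), NUM_TDX_PRIV_KIDS = 64 (bits 63:32).
 * The bit layout is assumed from the TDX spec, not taken from the thread. */
#define EXAMPLE_KEYID_PARTITIONING  (((uint64_t)64 << 32) | 63ULL)

#define MAX_TDX_KEYIDS 1024   /* size of the bookkeeping bitmap below */

static uint32_t tdx_keyid_start;   /* first TDX private KeyID (NUM_MKTME_KIDS + 1) */
static uint32_t tdx_keyid_num;     /* NUM_TDX_PRIV_KIDS */
static uint32_t tdx_global_keyid;  /* reserved for the TDX module, never given to a TD */
static uint8_t  tdx_keyid_used[MAX_TDX_KEYIDS]; /* index i <-> KeyID tdx_keyid_start + i */

/* Derive the TDX private KeyID range from the partitioning MSR value and
 * reserve the global KeyID. Returns 0 on success, -1 if there are no
 * private KeyIDs or more than this toy bitmap can track. */
int tdx_keyid_init(uint64_t keyid_part)
{
    uint32_t num_mktme_kids    = (uint32_t)(keyid_part & 0xffffffffULL);
    uint32_t num_tdx_priv_kids = (uint32_t)(keyid_part >> 32);

    if (num_tdx_priv_kids == 0 || num_tdx_priv_kids > MAX_TDX_KEYIDS)
        return -1;

    tdx_keyid_start = num_mktme_kids + 1;
    tdx_keyid_num   = num_tdx_priv_kids;
    memset(tdx_keyid_used, 0, sizeof(tdx_keyid_used));

    /* Hypothetical policy for this example: the lowest private KeyID is the
     * global KeyID. It is marked used so the allocator can never hand it out. */
    tdx_global_keyid = tdx_keyid_start;
    tdx_keyid_used[0] = 1;
    return 0;
}

uint32_t tdx_get_keyid_start(void)  { return tdx_keyid_start; }
uint32_t tdx_get_keyid_num(void)    { return tdx_keyid_num; }
uint32_t tdx_get_global_keyid(void) { return tdx_global_keyid; }

/* True iff keyid lies in [NUM_MKTME_KIDS+1, NUM_MKTME_KIDS+NUM_TDX_PRIV_KIDS]. */
bool tdx_is_private_keyid(uint32_t keyid)
{
    return keyid >= tdx_keyid_start &&
           keyid - tdx_keyid_start < tdx_keyid_num;
}

/* Allocate a TDX private KeyID for a guest TD. Returns the KeyID, or -1 when
 * none is free. The global KeyID is permanently marked used and is skipped. */
int tdx_keyid_alloc(void)
{
    for (uint32_t i = 0; i < tdx_keyid_num; i++) {
        if (!tdx_keyid_used[i]) {
            tdx_keyid_used[i] = 1;
            return (int)(tdx_keyid_start + i);
        }
    }
    return -1;
}

/* Release a KeyID previously returned by tdx_keyid_alloc(). Rejects values
 * outside the private range, the global KeyID, and double frees. */
int tdx_keyid_free(uint32_t keyid)
{
    if (!tdx_is_private_keyid(keyid) || keyid == tdx_global_keyid)
        return -1;
    uint32_t i = keyid - tdx_keyid_start;
    if (!tdx_keyid_used[i])
        return -1;
    tdx_keyid_used[i] = 0;
    return 0;
}

int main(void)
{
    if (tdx_keyid_init(EXAMPLE_KEYID_PARTITIONING) != 0)
        return 1;
    printf("TDX private KeyIDs: %u..%u, global KeyID %u\n",
           tdx_keyid_start, tdx_keyid_start + tdx_keyid_num - 1, tdx_global_keyid);
    int k = tdx_keyid_alloc();
    printf("first TD KeyID: %d, free(global) -> %d, free(%d) -> %d\n",
           k, tdx_keyid_free(tdx_global_keyid), k, tdx_keyid_free((uint32_t)k));
    return 0;
}
```

With the constructed MSR value the private range is 64..127, KeyID 64 is held back as the global KeyID, and the first TD receives 65; freeing 64 fails. In a real host the MSR read, the choice of which private KeyID is global, and the cache flush with the old KeyID before a page is reused all belong to the TDX host code, not to this illustration.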