On Fri, Apr 29, 2022, Dave Hansen wrote: > On 4/29/22 07:30, Sean Christopherson wrote: > > On Fri, Apr 29, 2022, Dave Hansen wrote: > ... > >> A *good* way (although not foolproof) is to launch a TDX VM early > >> in boot before memory gets fragmented or consumed. You might even > >> want to recommend this in the documentation. > > > > What about providing a kernel param to tell the kernel to do the > > allocation during boot? > > I think that's where we'll end up eventually. But, I also want to defer > that discussion until after we have something merged. > > Right now, allocating the PAMTs precisely requires running the TDX > module. Running the TDX module requires VMXON. VMXON is only done by > KVM. KVM isn't necessarily there during boot. So, it's hard to do > precisely today without a bunch of mucking with VMX. Meh, it's hard only if we ignore the fact that the PAMT entry size isn't going to change for a given TDX module, and is extremely unlikely to change in general. Odds are good the kernel can hardcode a sane default and Just Work. Or provide the assumed size of a PAMT entry via module param. If the size ends up being wrong, log an error, free the reserved memory, and move on with TDX setup with the correct size. > You can arm-wrestle the distro folks who hate adding command-line tweaks > when the time comes. ;) Sure, you just find me the person that's going to run TDX guests with an off-the-shelf distro kernel :-D
