On 5/23/2022 5:20 PM, Gerd Hoffmann wrote:
+int tdx_pre_create_vcpu(CPUState *cpu) +{ + MachineState *ms = MACHINE(qdev_get_machine()); + X86CPU *x86cpu = X86_CPU(cpu); + CPUX86State *env = &x86cpu->env; + struct kvm_tdx_init_vm init_vm; + int r = 0; + + qemu_mutex_lock(&tdx_guest->lock); + if (tdx_guest->initialized) { + goto out; + } + + memset(&init_vm, 0, sizeof(init_vm)); + init_vm.cpuid.nent = kvm_x86_arch_cpuid(env, init_vm.entries, 0); + + init_vm.attributes = tdx_guest->attributes; + init_vm.max_vcpus = ms->smp.cpus; + + r = tdx_vm_ioctl(KVM_TDX_INIT_VM, 0, &init_vm); + if (r < 0) { + error_report("KVM_TDX_INIT_VM failed %s", strerror(-r)); + goto out; + } + + tdx_guest->initialized = true; + +out: + qemu_mutex_unlock(&tdx_guest->lock); + return r; +}Hmm, hooking *vm* initialization into *vcpu* creation looks wrong to me.
That's because for TDX, it has to do VM-scope (feature) initialization before creating vcpu. This is new to KVM and QEMU, that every feature is vcpu-scope and configured per-vcpu before.
To minimize the change to QEMU, we want to utilize @cpu and @cpu->env to grab the configuration info. That's why it goes this way.
Do you have any better idea on it?
take care, Gerd
