On 8/25/2022 7:26 PM, Gerd Hoffmann wrote:
Hi,
between VMM and TDs. Adjust supported CPUID for TDs based on TDX
restrictions.
Automatic adjustment depending on hardware capabilities isn't going to
fly long-term, you'll run into compatibility problems sooner or later,
for example when different hardware with diverging capabilities (first
vs. second TDX generation) leads to different CPUID capsets in a
otherwise identical configuration.
Verification should happen of course, but I think qemu should just throw
an error in case the tdx can't support a given cpu configuration.
I think you misunderstand this patch.
It's to adjust the supported feature set of the platform, not the
feature set of the given VM/TD. I.e, the adjusted supported feature set
will be used to *verify* the VM's setting that specified by user. Of
course, if user requires unsupported feature, QEMU will throw an error.
(see also Daniels reply to the cover letter).
take care,
Gerd
