On 10/26/2022 4:16 PM, Kai Huang wrote:
TDX module initialization requires to use one TDX private KeyID as the
global KeyID to protect the TDX module metadata. The global KeyID is
configured to the TDX module along with TDMRs.
Just reserve the first TDX private KeyID as the global KeyID. Keep the
global KeyID as a static variable as KVM will need to use it too.
Reviewed-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
Signed-off-by: Kai Huang <kai.huang@xxxxxxxxx>
---
arch/x86/virt/vmx/tdx/tdx.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/arch/x86/virt/vmx/tdx/tdx.c b/arch/x86/virt/vmx/tdx/tdx.c
index 5d74ada072ca..0820ba781f97 100644
--- a/arch/x86/virt/vmx/tdx/tdx.c
+++ b/arch/x86/virt/vmx/tdx/tdx.c
@@ -62,6 +62,9 @@ static struct tdsysinfo_struct tdx_sysinfo;
static struct cmr_info tdx_cmr_array[MAX_CMRS] __aligned(CMR_INFO_ARRAY_ALIGNMENT);
static int tdx_cmr_num;
+/* TDX module global KeyID. Used in TDH.SYS.CONFIG ABI. */
+static u32 tdx_global_keyid;
Comment how this is serialized (or doesn't need it)