On 11/22/22 02:31, Thomas Gleixner wrote:
> Nothing in the TDX specs and docs mentions physical hotplug or a
> requirement for invoking seamcall on the world.
The TDX module source is actually out there[1] for us to look at. It's
in a lovely, convenient zip file, but you can read it if sufficiently
motivated.
It has this lovely nugget in it:
WARNING!!! Proprietary License!! Avert your virgin eyes!!!
> if (tdx_global_data_ptr->num_of_init_lps < tdx_global_data_ptr->num_of_lps)
> {
> TDX_ERROR("Num of initialized lps %d is smaller than total num of lps %d\n",
> tdx_global_data_ptr->num_of_init_lps, tdx_global_data_ptr->num_of_lps);
> retval = TDX_SYS_CONFIG_NOT_PENDING;
> goto EXIT;
> }
tdx_global_data_ptr->num_of_init_lps is incremented at TDH.SYS.INIT
time. That if() is called at TDH.SYS.CONFIG time to help bring the
module up.
So, I think you're right. I don't see the docs that actually *explain*
this "you must seamcall all the things" requirement.
1.
https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-domain-extensions.html
