On Fri, Nov 25, 2022 at 11:49:08AM +0800,
Binbin Wu <binbin.wu@xxxxxxxxxxxxxxx> wrote:

> > +New KVM API, ioctl (sub)command, to manage TD VMs
> > +-------------------------------------------------
> > +Additional KVM API
> API -> APIs
> > are needed to control TD VMs. The operations on TD
> > +VMs are specific to TDX.
> > +
> > +- Piggyback and repurpose KVM_MEMORY_ENCRYPT_OP
> > +
> > + Although not all operation isn't memory encryption,
>
> How to understand it?
> >
> > repupose to get

How about the following?

New KVM API, ioctl (sub)command, to manage TD VMs
-------------------------------------------------
Additional KVM APIs are needed to control TD VMs. The operations on TD
VMs are specific to TDX.

- Piggyback and repurpose KVM_MEMORY_ENCRYPT_OP

  Although operations for TD VMs aren't necessarily related to memory
  encryption, define sub operations of KVM_MEMORY_ENCRYPT_OP for TDX specific
  ioctls.

  Pros:

  - No major change in common x86 KVM code.
  - Follows the SEV case.

  Cons:

  - The sub operations of KVM_MEMORY_ENCRYPT_OP aren't necessarily memory
    encryption, but operations on TD VMs.

-- 
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
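
Review bot: The clause "Although not all operation isn't memory encryption," in the quoted hunk is a double negative that inverts the intended meaning, and the continuation "repupose to get" misspells "repurpose", so the rationale for reusing KVM_MEMORY_ENCRYPT_OP cannot be read from the text as written. State it positively, for example "Although not all of these operations are memory encryption, repurpose ...", and make "Additional KVM API are needed" agree in number ("APIs are").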