Re: [PATCH v9 04/18] x86/virt/tdx: Add skeleton to initialize TDX on demand

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2023-02-14 at 09:23 -0800, Dave Hansen wrote:
> On 2/14/23 04:46, Peter Zijlstra wrote:
> > On Tue, Feb 14, 2023 at 12:59:11AM +1300, Kai Huang wrote:
> > > Use a state machine protected by mutex to make sure the initialization
> > > will only be done once, as tdx_enable() can be called multiple times
> > > (i.e. KVM module can be reloaded) and be called concurrently by other
> > > kernel components in the future.
> > I still object to doing tdx_enable() at kvm module load.
> > 
> > kvm.ko gets loaded unconditionally on boot, even if I then never use
> > kvm.
> > 
> > This stuff needs to be done when an actual VM is created, not before.
> 
> The actually implementation of this is hidden over in the KVM side of
> this.  But, tdx_enable() and all of this jazz should not be called on
> kvm.ko load.  It'll happen when the KVM tries to start the first TDX VM.
> 
> I think what Kai was thinking of was *this* sequence:
> 
>  1. insmod kvm.ko
>  2. Start a TDX guest, tdx_enable() gets run
>  3. rmmod kvm
>  4. insmod kvm.ko (again)
>  5. Start another TDX guest, run tdx_enable() (again)
> 
> The rmmod/insmod pair is what triggers the second call of tdx_enable().

Yes.  The point is tdx_enable() can get called multi times.

We can discuss more when to enable TDX at KVM side, and I don't want to speak
for KVM maintainers, but this is actually not that relevant to this series.

In the changelog, I just said: 

"...initialize TDX until there is a real need (e.g when requested by KVM)".  

I didn't say exactly when KVM will call this.




[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux