On Thu, Jun 15, 2023 at 1:12 PM <isaku.yamahata@xxxxxxxxx> wrote:
> ...
>
> * VM type: Now we have KVM_X86_PROTECTED_VM. How do we proceed?
>   - Keep KVM_X86_PROTECTED_VM for its use. Introduce KVM_X86_TDX_VM
>   - Use KVM_X86_PROTECTED_VM for TDX. (If necessary, introduce another type in
>     the future)
>   - any other way?

There are selftests posted[1] in the context of this work, which rely on KVM_X86_PROTECTED_VM being just the software-only pseudo-confidential VMs. In future there might be more work to expand this use case to full-scale VMs. So it would be better to treat protected VMs as a separate type which can be used on any platform without the need of enabling TDX/SEV functionality.

TDX VM type can possibly serve as a specialized type of protected VM with additional arch-specific capabilities enabled.

[1] - https://github.com/sean-jc/linux/commits/x86/kvm_gmem_solo