Invoke KVM_TDX_FINALIZE_VM to finalize the TD's measurement and make
the TD vCPUs runnable once machine initialization is complete.
Signed-off-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
Acked-by: Gerd Hoffmann <kraxel@xxxxxxxxxx>
---
target/i386/kvm/tdx.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/target/i386/kvm/tdx.c b/target/i386/kvm/tdx.c
index e55c1190c27e..fc71038d7808 100644
--- a/target/i386/kvm/tdx.c
+++ b/target/i386/kvm/tdx.c
@@ -667,6 +667,13 @@ static void tdx_finalize_vm(Notifier *notifier, void *unused)
/* Tdvf image was copied into private region above. It becomes unnecessary. */
ram_block = tdx_guest->tdvf_region->ram_block;
ram_block_discard_range(ram_block, 0, ram_block->max_length);
+
+ r = tdx_vm_ioctl(KVM_TDX_FINALIZE_VM, 0, NULL);
+ if (r < 0) {
+ error_report("KVM_TDX_FINALIZE_VM failed %s", strerror(-r));
+ exit(0);
+ }
+ tdx_guest->parent_obj.ready = true;
}
static Notifier tdx_machine_done_notify = {
--
2.34.1
