On Tue, 2023-12-05 at 21:41 +0100, Borislav Petkov wrote: > On Tue, Dec 05, 2023 at 08:33:14PM +0000, Huang, Kai wrote: > > Yes I understand what you said. My point is X86_FEATURE_TDX doesn't suit > > because when it is set, the kernel actually hasn't done any enabling work yet > > thus TDX is not available albeit the X86_FEATURE_TDX is set. > > You define a X86_FEATURE flag. You set it *when* TDX is available and > enabled. Then you query that flag. This is how synthetic flags work. > > In your patchset, when do you know that TDX is enabled? Point me to the > code place pls. > This patchset provides two functions to allow the user of TDX to enable TDX at runtime when needed: tdx_cpu_enable() and tdx_enable(). Please see patch: https://lore.kernel.org/lkml/cover.1699527082.git.kai.huang@xxxxxxxxx/T/#m96cb9aaa4e323d4e29f7ff6c532f7d33a01995a7 So TDX will be available when tdx_enable() is done successfully. For now KVM is the only user of TDX, and tdx_enable() will be called by KVM on demand at runtime. Hope I've made this clear. Thanks.
