>+int tdx_vcpu_create(struct kvm_vcpu *vcpu)
>+{
>+ struct kvm_tdx *kvm_tdx = to_kvm_tdx(vcpu->kvm);
>+
>+ WARN_ON_ONCE(vcpu->arch.cpuid_entries);
>+ WARN_ON_ONCE(vcpu->arch.cpuid_nent);
>+
>+ /* TDX only supports x2APIC, which requires an in-kernel local APIC. */
Cannot QEMU emulate x2APIC? In my understanding, the reason is TDX module always enables APICv for TDs. So, KVM cannot intercept every access to APIC and forward them to QEMU for emulation.
>+ if (!vcpu->arch.apic)
will "if (!irqchip_in_kernel(vcpu->kvm))" work? looks this is the custome for such a check.
>+ return -EINVAL;
>+
>+ fpstate_set_confidential(&vcpu->arch.guest_fpu);
>+
>+ vcpu->arch.efer = EFER_SCE | EFER_LME | EFER_LMA | EFER_NX;
>+
>+ vcpu->arch.cr0_guest_owned_bits = -1ul;
>+ vcpu->arch.cr4_guest_owned_bits = -1ul;
>+
>+ vcpu->arch.tsc_offset = to_kvm_tdx(vcpu->kvm)->tsc_offset;
kvm_tdx->tsc_offset;
>+ vcpu->arch.l1_tsc_offset = vcpu->arch.tsc_offset;
>+ vcpu->arch.guest_state_protected =
>+ !(to_kvm_tdx(vcpu->kvm)->attributes & TDX_TD_ATTRIBUTE_DEBUG);
!(kvm_tdx->attributes & TDX_TD_ATTRIBUTE_DEBUG);
>+
>+ if ((kvm_tdx->xfam & XFEATURE_MASK_XTILE) == XFEATURE_MASK_XTILE)
>+ vcpu->arch.xfd_no_write_intercept = true;
>+
>+ return 0;
>+}
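Review bot: Nothing visible in tdx_vcpu_create() checks that the TD has been initialized before `kvm_tdx->tsc_offset`, `kvm_tdx->attributes` and `kvm_tdx->xfam` are copied into the vCPU. If those fields are only populated by the TD initialization step (not shown in this quote, so this is inferred), a vCPU created earlier would latch a zero TSC offset, leave `xfd_no_write_intercept` unset, and derive `guest_state_protected` from an empty attribute word. Consider rejecting vCPU creation until the TD is initialized, or at least stating the ordering requirement above the first read, for example `/* Requires an initialized TD: tsc_offset, attributes and xfam are per-VM values cached at TD init. */`. Since `guest_state_protected` is the flag that is cleared for debug TDs, a short comment on that assignment saying so would also help the next reader.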