On 13.08.24 at 1:48, Rick Edgecombe wrote:
From: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>

While TDX module reports a set of capabilities/features that it
supports, what KVM currently supports might be a subset of them.
E.g., DEBUG and PERFMON are supported by TDX module but currently not
supported by KVM.

Introduce a new struct kvm_tdx_caps to store KVM's capabilities of TDX.
supported_attrs and supported_xfam are validated against fixed0/1
values enumerated by TDX module. Configurable CPUID bits derive from TDX
module plus applying KVM's capabilities (KVM_GET_SUPPORTED_CPUID),
i.e., mask off the bits that are configurable in the view of TDX module
but not supported by KVM yet.

KVM_TDX_CPUID_NO_SUBLEAF is the concept from TDX module, switch it to 0
and use KVM_CPUID_FLAG_SIGNIFCANT_INDEX, which are the concept of KVM.

Signed-off-by: Xiaoyao Li <xiaoyao.li@xxxxxxxxx>
Signed-off-by: Rick Edgecombe <rick.p.edgecombe@xxxxxxxxx>
---
uAPI breakout v1:
- Change setup_kvm_tdx_caps() to use the exported 'struct tdx_sysinfo'
pointer.
- Change how to copy 'kvm_tdx_cpuid_config' since 'struct tdx_sysinfo'
doesn't have 'kvm_tdx_cpuid_config'.
- Updates for uAPI changes
---
<snip>
+
static int tdx_online_cpu(unsigned int cpu)
{
unsigned long flags;
@@ -217,11 +292,16 @@ static int __init __tdx_bringup(void)
goto get_sysinfo_err;
}
+ r = setup_kvm_tdx_caps();

nit: Since there are other similarly named functions that come later, how
about renaming this to init_kvm_tdx_caps, so that it's clear that the
functions that are executed once are prefixed with "init_" and those
that will be executed on every TDV boot up can be prefixed with
"setup_"?

+ if (r)
+ goto get_sysinfo_err;
+
/*
* Leave hardware virtualization enabled after TDX is enabled
* successfully. TDX CPU hotplug depends on this.
*/
return 0;
+
get_sysinfo_err:
__do_tdx_cleanup();
tdx_bringup_err:
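Review bot: the new "goto get_sysinfo_err" taken when setup_kvm_tdx_caps() fails lands on a path that only calls __do_tdx_cleanup(), so nothing visible here releases whatever setup_kvm_tdx_caps() had allocated before it returned an error. The function body is snipped, so please either confirm that it frees its own partial state on every error return, or add a dedicated label ahead of get_sysinfo_err that calls free_kvm_tdx_cap() and jump there instead. A short comment at the call site saying which of the two applies would save the next reader from having to check.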
@@ -232,6 +312,7 @@ static int __init __tdx_bringup(void)
void tdx_cleanup(void)
{
if (enable_tdx) {
+ free_kvm_tdx_cap();
__do_tdx_cleanup();
kvm_disable_virtualization();
}
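Review bot: free_kvm_tdx_cap() in tdx_cleanup() is spelled with a singular "cap" while its counterpart in __tdx_bringup() is setup_kvm_tdx_caps(); the pair should share one stem (free_kvm_tdx_caps(), or whatever name the setup side ends up with after the init_/setup_ rename discussed above) so the allocation and release are easy to grep together. Because the call is gated only on enable_tdx, it is also worth making sure the free routine tolerates a capabilities pointer that was never set and clears the pointer after freeing, so a second call or a later read cannot touch freed memory.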