On 8/12/24 15:48, Rick Edgecombe wrote: > Each TDX guest has a root control structure called "Trust Domain > Root" (TDR). Unlike the rest of the TDX guest, the TDR is protected > by the TDX global KeyID. When tearing down the TDR, KVM will need to > pass the TDX global KeyID explicitly to the TDX module to flush cache > associated to the TDR. What does that end up looking like? In other words, should we export the global KeyID, or export a function to do the flush and then never actually expose the KeyID? > -static u32 tdx_global_keyid __ro_after_init; > -static u32 tdx_guest_keyid_start __ro_after_init; > -static u32 tdx_nr_guest_keyids __ro_after_init; > +u32 tdx_global_keyid __ro_after_init; > +EXPORT_SYMBOL_GPL(tdx_global_keyid); > + > +u32 tdx_guest_keyid_start __ro_after_init; > +EXPORT_SYMBOL_GPL(tdx_guest_keyid_start); > + > +u32 tdx_nr_guest_keyids __ro_after_init; > +EXPORT_SYMBOL_GPL(tdx_nr_guest_keyids); I know the KVM folks aren't maniacs that will start writing to these or anything. But, in general, just exporting global variables isn't super nice. If these are being used to set up the key allocator, I'd kinda just rather that the allocator be in core code and have its alloc/free functions exported.
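
Review bot: Dropping `static` and adding `EXPORT_SYMBOL_GPL()` on `tdx_global_keyid`, `tdx_guest_keyid_start` and `tdx_nr_guest_keyids` exposes the raw variables to every GPL module, when the stated need is only to flush the cache associated with the TDR at teardown. `__ro_after_init` prevents writes after init, but any importer can still read the global KeyID and use it outside the flush path, and exporting the start and count of the guest range leaves KeyID allocation to whichever module consumes them. Consider keeping all three `static` and exporting narrow helpers instead: one that performs the TDR flush and supplies the global KeyID internally, and an alloc/free pair for guest KeyIDs. If the variables do stay exported, a comment on each `EXPORT_SYMBOL_GPL()` line naming the intended consumer would help, since the hunk itself gives no indication of who reads them.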