On Tue, Oct 29, 2024 at 11:14:29PM +0800, Xiaoyao Li wrote:
> However, how secure TSC related to memory encryption?

Are you kidding me?

Secure TSC is a SNP feature.

I don't think you're getting it so lemme elaborate: mem_encrypt.c is only
*trying* to be somewhat generic but there is stuff like:

        if (cc_platform_has(CC_ATTR_HOST_SEV_SNP))
                snp_fixup_e820_tables();

for example.

Both TDX and SEV/SNP need to call *something* at different times during boot
for various reasons.

We could aim for generalizing things by doing per-vendor early init functions,
which is ok, but hasn't been the main goal so far. So far the goal is to do the
proper init/setup calls at the right time during boot and not allow the code to
grow into an unmaintainable mess while doing so.

But both vendors need to do different things at different times during the
lifetime of the kernel depending on what they need/want to support.

IOW, the memory encryption code is still shaping up...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette