On Wed, Feb 12, 2025, Chao Gao wrote: > >diff --git a/arch/x86/kvm/vmx/main.c b/arch/x86/kvm/vmx/main.c > >index 7f1318c44040..2b1ea57a3a4e 100644 > >--- a/arch/x86/kvm/vmx/main.c > >+++ b/arch/x86/kvm/vmx/main.c > >@@ -62,6 +62,8 @@ static __init int vt_hardware_setup(void) > > vt_x86_ops.set_external_spte = tdx_sept_set_private_spte; > > vt_x86_ops.free_external_spt = tdx_sept_free_private_spt; > > vt_x86_ops.remove_external_spte = tdx_sept_remove_private_spte; > > Nit: I think it would be more consistent to set up .protected_apic_has_interrupt > if TDX is enabled (rather than clearing it if TDX is disabled). I think my preference would be to do the vt_op_tdx_only() thing[*], wire up all TDX hooks by default via vt_op_tdx_only(), and then nullify them if TDX support isn't enabled. Or even just leave them set, e.g. based on the comment in vt_hardware_setup(), that can happen anyways. https://lore.kernel.org/all/Z6v9yjWLNTU6X90d@xxxxxxxxxx
