On 2/27/2025 2:14 AM, Paolo Bonzini wrote:
> From: Zhiming Hu <zhiming.hu@xxxxxxxxx>
>
> TDX host key IDs (HKID) are limit resources in a machine, and the misc
> cgroup lets the machine owner track their usage and limits the possibility
> of abusing them outside the owner's control.
>
> The cgroup v2 miscellaneous subsystem was introduced to control the
> resource of AMD SEV & SEV-ES ASIDs. Likewise introduce HKIDs as a misc
> resource.
>
> Signed-off-by: Zhiming Hu <zhiming.hu@xxxxxxxxx>
> Signed-off-by: Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
> Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
> ---
> arch/x86/include/asm/tdx.h | 2 ++
> arch/x86/kvm/vmx/tdx.c | 14 ++++++++++++++
> arch/x86/kvm/vmx/tdx.h | 1 +
> arch/x86/virt/vmx/tdx/tdx.c | 6 ++++++
> include/linux/misc_cgroup.h | 4 ++++
> kernel/cgroup/misc.c | 4 ++++
> 6 files changed, 31 insertions(+)
>
> diff --git a/arch/x86/include/asm/tdx.h b/arch/x86/include/asm/tdx.h
> index 52a21075c0a6..7dd71ca3eb57 100644
> --- a/arch/x86/include/asm/tdx.h
> +++ b/arch/x86/include/asm/tdx.h
> @@ -124,6 +124,7 @@ const char *tdx_dump_mce_info(struct mce *m);
> const struct tdx_sys_info *tdx_get_sysinfo(void);
>
> int tdx_guest_keyid_alloc(void);
> +u32 tdx_get_nr_guest_keyids(void);
> void tdx_guest_keyid_free(unsigned int keyid);
>
> struct tdx_td {
> @@ -179,6 +180,7 @@ u64 tdh_phymem_page_wbinvd_tdr(struct tdx_td *td);
> static inline void tdx_init(void) { }
> static inline int tdx_cpu_enable(void) { return -ENODEV; }
> static inline int tdx_enable(void) { return -ENODEV; }
> +static u32 tdx_get_nr_guest_keyids(void) { return 0; }
static inline ... Otherwise will trigger build error when !TDX_HOST
> static inline const char *tdx_dump_mce_info(struct mce *m) { return NULL; }
> static inline const struct tdx_sys_info *tdx_get_sysinfo(void) { return NULL; }
> #endif /* CONFIG_INTEL_TDX_HOST */
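Review bot: The declaration `u32 tdx_get_nr_guest_keyids(void);` added in the first hunk of arch/x86/include/asm/tdx.h has no comment saying what the count covers or when it is valid to read, and the stub in the second hunk returns 0 without stating that 0 means TDX host support is not built in. The commit message makes HKIDs a misc cgroup resource so that their exhaustion can be bounded, so this value is presumably what the cgroup capacity is derived from; the callers are in files outside this excerpt, so that is an inference. I would add above the declaration something like `/* Number of guest key IDs that tdx_guest_keyid_alloc() can hand out; 0 when CONFIG_INTEL_TDX_HOST is off. Presumably only meaningful after TDX initialisation - confirm. */`. It is also worth confirming that the returned count matches the range the allocator really uses, since a mismatch would let the cgroup limit and the real HKID pool drift apart.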