Re: [PATCH v3 4/4] platform/x86: intel_tdx_attest: Add TDX Guest attestation interface driver

On Wed, Apr 20, 2022 at 07:42:06PM -0700,
Sathyanarayanan Kuppuswamy <sathyanarayanan.kuppuswamy@xxxxxxxxxxxxxxx> wrote:

> 
> 
> On 4/20/22 5:11 PM, Kai Huang wrote:
> > On Wed, 2022-04-20 at 16:45 -0700, Sathyanarayanan Kuppuswamy wrote:
> > > If we want to support multiple GetQuote requests in parallel, then we
> > > need some way to uniquely identify the GetQuote requests. So that when
> > > we get completion notification, we can understand which request is
> > > completed. This part is not mentioned/discussed in ABI spec. So we want
> > > to serialize the requests for now.
> > > 
> > 
> > Yes it's unfortunate that this part (whether concurrent GetQuote requests are
> > supported by TDX architecture) is not explicitly mentioned in GHCI spec.  I am
> > fine with only supporting GetQuote requests one by one.  AFAICT there's no
> > request to support concurrent GetQuote requests anyway.  What concerns me is
> > exactly how to explain this.
> > 
> > As I said, we have GET_QUOTE_IN_FLIGHT flag now.  Theoretically, you can queue
> > multiple GetQuote requests, and when you receive the interrupt, you check which
> > buffer has GET_QUOTE_IN_FLIGHT cleared.  That buffer is the one with Quote
> > ready.  However I am not 100% sure whether the above will always work.  Interrupts
> > can get lost when there are multiple Quotes ready in multiple buffers in a very
> > short time period, etc?  Perhaps Isaku can provide more input here.
> 
> Either supported or not, it should be mentioned in the GHCI spec. Currently,
> there are no details related to it. If it is supported, the specification
> should include the protocol to use.
> 
> I will check with Isaku about it.

The spec says that a TD can call multiple GetQuote requests in parallel.

  TDG.VP.VMCALL<GetQuote> API allows one TD to issue multiple requests. It's
  implementation specific that how many concurrent requests are allowed. The TD
  should be able to handle TDG.VP.VMCALL_RETRY if it chooses to issue multiple
  requests simultaneously

As Kai said, there is no requirement for multiple GetQuote in parallel; it's
okay to support only a single request at a time.

While the status is GET_QUOTE_IN_FLIGHT, the VMM owns the shared GPA.  The
attestation driver should wait for GET_QUOTE_IN_FLIGHT to be cleared before
sending the next request.
-- 
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>
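
The one-request-at-a-time rule from this reply, as an added user-space simulation in C; it is not code from the message or from the driver patch under review. The buffer layout, the function names and the two status encodings are assumptions made for illustration, and the length check on completion reflects that the shared page is writable by the host.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
/* Assumed encodings for this simulation; the thread names only the flag. */
#define GET_QUOTE_SUCCESS   0ULL
#define GET_QUOTE_IN_FLIGHT 0xffffffffffffffffULL
struct quote_buf {               /* stands in for the shared GPA page */
    volatile uint64_t status;
    volatile uint32_t len;
    uint8_t data[64];
};
struct attest_dev { struct quote_buf *shared; int busy; /* one request at a time */ };

/* Guest: hand the buffer to the VMM only if the guest currently owns it. */
int attest_submit(struct attest_dev *d, const uint8_t *report, uint32_t len)
{
    if (len > sizeof(d->shared->data)) return -EINVAL;
    if (d->busy || d->shared->status == GET_QUOTE_IN_FLIGHT)
        return -EBUSY;           /* VMM owns the page: leave it alone */
    memcpy(d->shared->data, report, len);
    d->shared->len = len;
    d->shared->status = GET_QUOTE_IN_FLIGHT;
    d->busy = 1;                 /* the GetQuote hypercall would follow here */
    return 0;
}

/* Guest: run on the completion notification; returns the Quote length. */
int attest_complete(struct attest_dev *d, uint8_t *out, uint32_t cap)
{
    uint64_t st = d->shared->status;
    uint32_t n = d->shared->len; /* read once: the host can rewrite it */
    if (!d->busy)
        return -ENOENT;          /* spurious notification */
    if (st == GET_QUOTE_IN_FLIGHT)
        return -EAGAIN;          /* still owned by the VMM, keep waiting */
    d->busy = 0;
    if (st != GET_QUOTE_SUCCESS || n > sizeof(d->shared->data) || n > cap)
        return -EIO;
    memcpy(out, d->shared->data, n);
    return (int)n;
}

/* Simulated VMM: write the Quote, then clear the in-flight status last. */
void sim_vmm_finish(struct quote_buf *b, const uint8_t *q, uint32_t n)
{
    memcpy(b->data, q, n <= sizeof(b->data) ? n : sizeof(b->data));
    b->len = n;
    b->status = GET_QUOTE_SUCCESS;
}
```
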


