Re: [PATCH v11 00/20] TDX host kernel support

From: Isaku Yamahata
Date: Mon Jun 05 2023 - 20:36:52 EST


On Mon, Jun 05, 2023 at 02:27:13AM +1200,
Kai Huang <kai.huang@xxxxxxxxx> wrote:

> Intel Trusted Domain Extensions (TDX) protects guest VMs from malicious
> host and certain physical attacks. TDX specs are available in [1].
>
> This series is the initial support to enable TDX with minimal code to
> allow KVM to create and run TDX guests. KVM support for TDX is being
> developed separately[2]. A new "userspace inaccessible memfd" approach
> to support TDX private memory is also being developed[3]. The KVM will
> only support the new "userspace inaccessible memfd" as TDX guest memory.
>
> This series doesn't aim to support all functionalities, and doesn't aim
> to resolve all things perfectly. All other optimizations will be posted
> as follow-up once this initial TDX support is upstreamed.
>
> Also, the patch to add the new kernel cmdline tdx="force" isn't included
> in this initial version, as Dave suggested it isn't mandatory. But I
> will add one once this initial version gets merged.
>
> (For memory hotplug, sorry for broadcasting widely but I cc'ed the
> linux-mm@xxxxxxxxx following Kirill's suggestion so MM experts can also
> help to provide comments.)
>
> Hi Dave, Kirill, Tony, Peter, Thomas, Dan (and Intel reviewers),
>
> The new relaxed TDX per-cpu initialization flow has been verified. The
> TDX module can be initialized when there are offline cpus, and the
> TDH.SYS.LP.INIT SEAMCALL can be made successfully later after module
> initialization when the offline cpu is up.
>
> This series mainly added code to handle the new TDX "partial write
> machine check" erratum (SPR113) in [4].
>
> And I would appreciate reviewed-by or acked-by tags if the patches look
> good to you. Thanks in advance!

I've rebased the TDX KVM patch series v14 [1] with this patch series and
uploaded it at [2]. As the rebased TDX KVM patches don't have any changes
except trivial rebase fixes, I don't post something like v14.1.

[1] https://lore.kernel.org/lkml/cover.1685333727.git.isaku.yamahata@xxxxxxxxx/
[2] https://github.com/intel/tdx/tree/kvm-upstream-workaround
--
Isaku Yamahata <isaku.yamahata@xxxxxxxxx>