Re: Drop "KVM: TDX: Handle TDG.VP.VMCALL<GetTdVmCallInfo> hypercall"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 4/16/25 05:12, Edgecombe, Rick P wrote:

Hi,

We should consider dropping/reverting "KVM: TDX: Handle
TDG.VP.VMCALL<GetTdVmCallInfo> hypercall" from the base TDX merge. The reason is
because Xiaoyao noticed that the GHCI spec[0] implies that KVM should only
return success for that TDVMCALL if *all* TDVMCALLs are supported, but KVM does
that despite skipping implementing a few. On investigation there are also no
users except its selftest[1], and the spec is ambiguous on the right way to
handle the case in question.

The spec talks about VMMs not supporting all TDVMCALLs, but doesn't say how to
enumerate this (i.e. it doesn't says what the GetTdVmCallInfo VMMs should do
instead of succeed). It actually doesn't cover how to handle if the guest calls
an unsupported TDVMCALL either. Historically, KVM patches have returned
TDVMCALL_STATUS_INVALID_OPERAND for any unknown TDVMCALL, as a reasonable
interpretation of the ambiguous spec. So the spec needs to get clarified in this
whole area.
It does, but I think we should just implement the remaining TDVMCALLs before 6.16 is out, which is in a while. All that is left is really the userspace TDVMCALLs GetQuote, ReportFatalError and SetupEventNotifyInterrupt.
For Instruction.PCONFIG and for VE.RequestMMIO a dummy implementation is valid and returning success is probably even better than invalid-operand. 

Paolo


Since there are no real callers let's just drop GetTdVmCallInfo for now. We can
add it back when the GHCI folks amend the spec to close the ambiguities. As a
bonus we can save some code for the merge.

We dropped the patch internally and did some testing. Also, Binbin and I
searched the guest code for any rare callers. Everything seems fine to drop it.

If we want to leave it in, it's probably not a disaster. We'll just slightly
diverge from the spec. It may not be a problem depending on how the ambiguity
resolves in future spec updates.

Thanks,

Rick

[0]
https://www.intel.com/content/www/us/en/content-details/726790/guest-host-communication-interface-ghci-for-intel-trust-domain-extensions-intel-tdx.html
[1]
https://lore.kernel.org/kvm/20250414214801.2693294-14-sagis@xxxxxxxxxx/
[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux