On Fri, May 23, 2025 at 02:52:23AM -0700, Chao Gao wrote: >Hi Reviewers, > >This series adds support for runtime TDX module updates that preserve >running TDX guests (a.k.a, TD-Preserving updates). The goal is to gather >feedback on the feature design. Please pay attention to the following items: > >1. TD-Preserving updates are done in stop_machine() context. it copy-pastes > part of multi_cpu_stop() to guarantee step-locked progress on all CPUs. > But, there are a few differences between them. I am wondering whether > these differences have reached a point where abstracting a common > function might do more harm than good. See more details in patch 10. > >2. P-SEAMLDR seamcalls (specificially SEAMRET from P-SEAMLDR) clear current > VMCS pointers, which may disrupt KVM. To prevent VMX instructions in IRQ > context from encountering NULL current-VMCS pointers, P-SEAMLDR > seamcalls are called with IRQ disabled. I'm uncertain if NMIs could > cause a problem, but I believe they won't. See more information in patch 3. > >3. Two helpers, cpu_vmcs_load() and cpu_vmcs_store(), are added in patch 3 > to save and restore the current VMCS. KVM has a variant of cpu_vmcs_load(), > i.e., vmcs_load(). Extracting KVM's version would cause a lot of code > churn, and I don't think that can be justified for reducing ~16 LoC > duplication. Please let me know if you disagree. Gentle ping! There are three open issues: one regarding stop_machine() and two related to interactions with KVM. Sean and Paul, do you have any preferences or insights on these matters?
