Alexey Kardashevskiy <aik@xxxxxxx> writes:
> On 26/5/25 15:05, Aneesh Kumar K.V wrote:
>> Xu Yilun <yilun.xu@xxxxxxxxxxxxxxx> writes:
>>
>>> On Tue, May 20, 2025 at 12:47:05PM +0530, Aneesh Kumar K.V wrote:
>>>> Xu Yilun <yilun.xu@xxxxxxxxxxxxxxx> writes:
>>>>
>>>>> On Thu, May 15, 2025 at 10:47:31PM -0700, Dan Williams wrote:
>>>>>> From: Xu Yilun <yilun.xu@xxxxxxxxxxxxxxx>
>>>>>>
>>>>>> Add kAPIs pci_tsm_{bind,unbind,guest_req}() for PCI devices.
>>>>>>
>>>>>> pci_tsm_bind/unbind() are supposed to be called by kernel components
>>>>>> which manages the virtual device. The verb 'bind' means VMM does extra
>>>>>> configurations to make the assigned device ready to be validated by
>>>>>> CoCo VM as TDI (TEE Device Interface). Usually these configurations
>>>>>> include assigning device ownership and MMIO ownership to CoCo VM, and
>>>>>> move the TDI to CONFIG_LOCKED TDISP state by LOCK_INTERFACE_REQUEST
>>>>>> TDISP message. The detailed operations are specific to platform TSM
>>>>>> firmware so need to be supported by vendor TSM drivers.
>>>>>>
>>>>>> pci_tsm_guest_req() supports a channel for CoCo VM to directly talk
>>>>>> to TSM firmware about further TDI operations after TDI is bound, e.g.
>>>>>> get device interface report, certifications & measurements. So this kAPI
>>>>>> is supposed to be called from KVM vmexit handler.
>>>>>
>>>>> To clarify, this commit message is staled. We are proposing existing to
>>>>> QEMU, then pass to TSM through IOMMUFD VDEVICE.
>>>>>
>>>>
>>>> Can you share the POC code/git repo implementing that? I am looking for
>>>> pci_tsm_bind()/pci_tsm_unbind() example usage.
>>>
>>> The usage of these kAPIs should be in IOMMUFD, that's what I'm doing for
>>> Stage 2 patchset. I need to rebase this series, adopt suggestions from
>>> Jason, and make TDX Connect work to verify, so need more time...
>>>
>>
>> Since the bind/unbind operations are PCI-specific callbacks, and iommufd
>
> Not really, it is PCI-specific in TSM (for DOE) but since IOMMUFD is not doing any of that, it can work with struct device (not pci_dev). Thanks,
>
Ok, something like this? and iommufd will call tsm_bind()?
int tsm_bind(struct device *dev, struct kvm *kvm, u64 tdi_id)
{
if (!dev_is_pci(dev))
return -EINVAL;
return pci_tsm_bind(to_pci_dev(dev), kvm, tdi_id);
}
EXPORT_SYMBOL_GPL(tsm_bind);
int tsm_unbind(struct device *dev)
{
if (!dev_is_pci(dev))
return -EINVAL;
return pci_tsm_unbind(to_pci_dev(dev));
}
EXPORT_SYMBOL_GPL(tsm_unbind);
-aneesh
