On Tue, Jun 10, 2025 at 02:47:32PM +1000, Alexey Kardashevskiy wrote: > > > On 3/6/25 14:05, Xu Yilun wrote: > > On Mon, Jun 02, 2025 at 01:48:57PM -0300, Jason Gunthorpe wrote: > > > On Tue, Jun 03, 2025 at 12:25:21AM +0800, Xu Yilun wrote: > > > > > > > > Looking at your patch series, I understand the reason you need a vfio > > > > > ioctl is to call pci_request_regions_exclusive—is that correct? > > > > > > > > The immediate reason is to unbind the TDI before unmapping the BAR. > > > > > > Maybe you should just do this directly, require the TSM layer to issue > > > an unbind if it gets any requests to change the secure EPT? > > > > The TSM layer won't touch S-EPT, KVM manages S-EPT. > > Is not it the TDX fw which manages _S_-EPT? And the TDX host driver > (what is it called btw? Intel's "CCP") registers itself as TSM in > the TSM core so it is somewhere near S-EPT logic? Thanks, Yeah, I wonder the same things.. Jason
