From: Binbin Wu <binbin.wu@linux.intel.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
seanjc@google.com, pbonzini@redhat.com,
rick.p.edgecombe@intel.com, chao.gao@intel.com,
kai.huang@intel.com
Subject: Re: [RFC PATCH v2 4/4] KVM: x86: TDX: Report CORE_CAPABILITIES as supported
Date: Thu, 4 Jun 2026 15:20:18 +0800 [thread overview]
Message-ID: <014f4cee-8865-4767-a460-d991a7a67448@linux.intel.com> (raw)
In-Reply-To: <883588d1-27a2-4874-b832-5b1b62db3cb9@intel.com>
On 6/4/2026 2:53 PM, Xiaoyao Li wrote:
> On 6/4/2026 10:33 AM, Binbin Wu wrote:
>> Add CORE_CAPABILITIES (CPUID.0x7.0.EDX[30]) to the TDX configurable
>> CPUID allowlist to accommodate legacy TDX module behavior.
>>
>> KVM doesn't support MSR_IA32_CORE_CAPS, however, some older TDX specs
>> define CORE_CAPABILITIES CPUID bit as fixed-1. As a result, userspace
>> may expect this bit to be enabled in the TDX module for TDs. When the
>> CPUID bit becomes a directly configurable without reporting to the
>> userspace, it can not be enabled. To avoid confusing userspace, report
>> CORE_CAPABILITIES to userspace via KVM_TDX_CAPABILITIES.
>>
>> Although KVM could determine the real CPUID setting by reading the
>> metadata via SEAMCALL after KVM_TDX_INIT_VM, doing so is overkill to
>> cover such a corner case. If CORE_CAPABILITIES is exposed to a TDX
>> guest, and the guest reads it, simply return 0.
>
> shouldn't this patch be put as patch 02 instead of 04?
>
> Patch 02 and 03 in this series break the old QEMU and then patch 04 fixes the broken. This is not friendly to the bisect.
Good point.
I will reorder the patch in the later version if the direction of this
patch series is acked by maintainers.
prev parent reply other threads:[~2026-06-04 7:20 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-04 2:33 [RFC PATCH v2 0/4] KVM: x86: TDX: Validate directly configurable CPUID bits Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 1/4] KVM: x86: TDX: Track supported " Binbin Wu
2026-06-04 2:44 ` sashiko-bot
2026-06-04 5:37 ` Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 2/4] KVM: x86: TDX: Hide unsupported " Binbin Wu
2026-06-04 2:47 ` sashiko-bot
2026-06-04 2:54 ` Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 3/4] KVM: x86: TDX: Validate userspace CPUID input for KVM_TDX_INIT_VM Binbin Wu
2026-06-04 2:49 ` sashiko-bot
2026-06-04 3:13 ` Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 4/4] KVM: x86: TDX: Report CORE_CAPABILITIES as supported Binbin Wu
2026-06-04 2:51 ` sashiko-bot
2026-06-04 5:32 ` Binbin Wu
2026-06-04 5:40 ` Binbin Wu
2026-06-04 6:53 ` Xiaoyao Li
2026-06-04 7:20 ` Binbin Wu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=014f4cee-8865-4767-a460-d991a7a67448@linux.intel.com \
--to=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.