From: Sean Christopherson <seanjc@google.com>
To: Rick P Edgecombe <rick.p.edgecombe@intel.com>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
Dave Hansen <dave.hansen@intel.com>,
Isaku Yamahata <isaku.yamahata@intel.com>,
"dmaluka@chromium.org" <dmaluka@chromium.org>,
"x86@kernel.org" <x86@kernel.org>,
"kas@kernel.org" <kas@kernel.org>, "bp@alien8.de" <bp@alien8.de>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"mingo@redhat.com" <mingo@redhat.com>,
"dave.hansen@linux.intel.com" <dave.hansen@linux.intel.com>,
"binbin.wu@linux.intel.com" <binbin.wu@linux.intel.com>,
"linux-coco@lists.linux.dev" <linux-coco@lists.linux.dev>,
"hpa@zytor.com" <hpa@zytor.com>,
"tglx@kernel.org" <tglx@kernel.org>,
"pbonzini@redhat.com" <pbonzini@redhat.com>
Subject: Re: [PATCH] KVM: TDX: Fix APIC MSR ranges in tdx_has_emulated_msr()
Date: Mon, 6 Apr 2026 16:07:15 -0700 [thread overview]
Message-ID: <adQ8o2U4ChisMEjS@google.com> (raw)
In-Reply-To: <faac37c7ba9e3a2e8d996e18c74301d9cefad3dc.camel@intel.com>
On Sat, Apr 04, 2026, Rick P Edgecombe wrote:
> On Fri, 2026-04-03 at 16:07 -0700, Sean Christopherson wrote:
> > > So... "Reduced #VE" (also called "VE reduction") reduces which things cause
> > > a #VE. The guest opts into it and the TDX module starts behaving
> > > differently. It's kind of grab bag of changes including changing CPUID
> > > behavior, which is another wrinkle. It was intended to fixup guest side TDX
> > > arch issues.
> >
> > And KVM has no visilibity into which mode the guest has selected? That's
> > awful.
>
> Yea, on both accounts. So where we are at with this is, starting to reject
> changes that build on the pattern. We haven't gone so far as to ask for a
> feature to notify the host of the guest opt-ins. But I wouldn't say we have a
> grand design in mind either. If you have any clarity, please feel free to drop a
> quotable.
I got nothing, probably best to just deal with things on a case-by-case basis
unless we end up with a recurring theme.
> > If KVM has no visiblity, then I don't see an option other than for KVM to
> > advertise and emulate what it can at all times, and it becomes the guest's
> > responsibility to not screw up. I guess it's not really any different from
> > not trying to use MMIO accesses after switching to x2APIC mode.
>
> Like your diff? Expose any MSRs that might be emulated in the TDX paradigm. But
> don't expose all MSRs that KVM supports.
Yep.
prev parent reply other threads:[~2026-04-06 23:07 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-18 19:01 [PATCH] KVM: TDX: Fix APIC MSR ranges in tdx_has_emulated_msr() Dmytro Maluka
2026-03-18 19:42 ` Dave Hansen
2026-03-18 20:30 ` Dmytro Maluka
2026-03-19 1:14 ` Binbin Wu
2026-03-19 1:48 ` Dave Hansen
2026-03-19 7:40 ` Binbin Wu
2026-03-19 19:33 ` Edgecombe, Rick P
2026-04-03 16:30 ` Sean Christopherson
2026-04-03 18:40 ` Edgecombe, Rick P
2026-04-03 19:07 ` Sean Christopherson
2026-04-03 19:30 ` Edgecombe, Rick P
2026-04-03 23:07 ` Sean Christopherson
2026-04-04 0:11 ` Edgecombe, Rick P
2026-04-06 23:07 ` Sean Christopherson [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=adQ8o2U4ChisMEjS@google.com \
--to=seanjc@google.com \
--cc=binbin.wu@linux.intel.com \
--cc=bp@alien8.de \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=dmaluka@chromium.org \
--cc=hpa@zytor.com \
--cc=isaku.yamahata@intel.com \
--cc=kas@kernel.org \
--cc=kvm@vger.kernel.org \
--cc=linux-coco@lists.linux.dev \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=tglx@kernel.org \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.