From: Binbin Wu <binbin.wu@linux.intel.com>
To: Xiaoyao Li <xiaoyao.li@intel.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
seanjc@google.com, pbonzini@redhat.com,
rick.p.edgecombe@intel.com, chao.gao@intel.com,
kai.huang@intel.com
Subject: Re: [RFC PATCH v2 4/4] KVM: x86: TDX: Report CORE_CAPABILITIES as supported
Date: Thu, 4 Jun 2026 15:20:18 +0800 [thread overview]
Message-ID: <014f4cee-8865-4767-a460-d991a7a67448@linux.intel.com> (raw)
In-Reply-To: <883588d1-27a2-4874-b832-5b1b62db3cb9@intel.com>
On 6/4/2026 2:53 PM, Xiaoyao Li wrote:
> On 6/4/2026 10:33 AM, Binbin Wu wrote:
>> Add CORE_CAPABILITIES (CPUID.0x7.0.EDX[30]) to the TDX configurable
>> CPUID allowlist to accommodate legacy TDX module behavior.
>>
>> KVM doesn't support MSR_IA32_CORE_CAPS, however, some older TDX specs
>> define CORE_CAPABILITIES CPUID bit as fixed-1. As a result, userspace
>> may expect this bit to be enabled in the TDX module for TDs. When the
>> CPUID bit becomes a directly configurable without reporting to the
>> userspace, it can not be enabled. To avoid confusing userspace, report
>> CORE_CAPABILITIES to userspace via KVM_TDX_CAPABILITIES.
>>
>> Although KVM could determine the real CPUID setting by reading the
>> metadata via SEAMCALL after KVM_TDX_INIT_VM, doing so is overkill to
>> cover such a corner case. If CORE_CAPABILITIES is exposed to a TDX
>> guest, and the guest reads it, simply return 0.
>
> shouldn't this patch be put as patch 02 instead of 04?
>
> Patch 02 and 03 in this series break the old QEMU and then patch 04 fixes the broken. This is not friendly to the bisect.
Good point.
I will reorder the patch in the later version if the direction of this
patch series is acked by maintainers.
prev parent reply other threads:[~2026-06-04 7:20 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-04 2:33 [RFC PATCH v2 0/4] KVM: x86: TDX: Validate directly configurable CPUID bits Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 1/4] KVM: x86: TDX: Track supported " Binbin Wu
2026-06-04 2:44 ` sashiko-bot
2026-06-04 5:37 ` Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 2/4] KVM: x86: TDX: Hide unsupported " Binbin Wu
2026-06-04 2:47 ` sashiko-bot
2026-06-04 2:54 ` Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 3/4] KVM: x86: TDX: Validate userspace CPUID input for KVM_TDX_INIT_VM Binbin Wu
2026-06-04 2:49 ` sashiko-bot
2026-06-04 3:13 ` Binbin Wu
2026-06-04 2:33 ` [RFC PATCH v2 4/4] KVM: x86: TDX: Report CORE_CAPABILITIES as supported Binbin Wu
2026-06-04 2:51 ` sashiko-bot
2026-06-04 5:32 ` Binbin Wu
2026-06-04 5:40 ` Binbin Wu
2026-06-04 6:53 ` Xiaoyao Li
2026-06-04 7:20 ` Binbin Wu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=014f4cee-8865-4767-a460-d991a7a67448@linux.intel.com \
--to=binbin.wu@linux.intel.com \
--cc=chao.gao@intel.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=seanjc@google.com \
--cc=xiaoyao.li@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox