Subject: Re: [PATCH v2 01/21] x86/virt/tdx: Detect SEAM
From: Kai Huang
To: Isaku Yamahata, "Tian, Kevin"
Cc: "linux-kernel@vger.kernel.org", "kvm@vger.kernel.org", "Hansen, Dave", "Christopherson,, Sean", "pbonzini@redhat.com", "kirill.shutemov@linux.intel.com", "sathyanarayanan.kuppuswamy@linux.intel.com", "peterz@infradead.org", "Luck, Tony", "ak@linux.intel.com", "Williams, Dan J", "Yamahata, Isaku"
Date: Wed, 30 Mar 2022 12:28:14 +1300
In-Reply-To: <20220329175234.GA1915371@ls.amr.corp.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, 2022-03-29 at 10:52 -0700, Isaku Yamahata wrote:
> On Mon, Mar 28, 2022 at 08:10:47AM +0000,
> "Tian, Kevin" wrote:
>
> > > From: Huang, Kai
> > > Sent: Monday, March 28, 2022 11:55 AM
> > >
> > > SEAMRR and TDX KeyIDs are configured by BIOS and they are static during
> > > machine's runtime. On the other hand, TDX module can be updated and
> > > reinitialized at runtime (not supported in this series but will be
> > > supported in the future). Theoretically, even P-SEAMLDR can be updated
> > > at runtime (although I think unlikely to be supported in Linux).
> > > Therefore I think detecting SEAMRR and TDX KeyIDs at boot fits better.
> >
> > If those info are static it's perfectly fine to detect them until they are
> > required... and following are not solid cases (e.g. just exposing SEAM
> > alone doesn't tell the availability of TDX) but let's also hear the opinions
> > from others.
>
> One use case is cloud use case. If TDX module is initialized dynamically at
> runtime, cloud management system wants to know if the physical machine is
> capable of TDX in addition to if TDX module is initialized. Also how many TDs
> can be run on the machine even when TDX module is not initialized yet. The
> management system will schedule TDs based on those information.

Thanks Isaku. I'll keep current way for now.

--
Thanks,
-Kai