Received: by 2002:a05:6a10:2726:0:0:0:0 with SMTP id ib38csp99269pxb;
        Wed, 6 Apr 2022 23:40:02 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJx1tgHp5276RpqADiwoMqYdbuiMdPKV3iMlLBNXRT0L+6FMBaaVQcxietFCdz62A2CGboxT
X-Received: by 2002:a05:6402:40cf:b0:41b:593b:90b7 with SMTP id z15-20020a05640240cf00b0041b593b90b7mr12617498edb.52.1649313602518;
        Wed, 06 Apr 2022 23:40:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1649313602; cv=none;
        d=google.com; s=arc-20160816;
        b=jahck1eokunstssldEuyASQ/TF1MXmj/bvNzCg1ePSYRLKASCWz+M0A91/EYWdkrfZ
         0mdM32OakhAIO8MMXWcfwe3TK+n7weGKVa3ooIZp0EX3OZk5PJJPW2OxeqXjzpcNxckZ
         LE8KMOBfK2xiYmDZzMGXk56CcJacus6JD/gYyvUFRsSfIiYxkRV8FXJmNDMzVw7MRdGl
         eVlRPrNCq2V6ZkltgV3NBvUxESqyHd9FvUbFw2Vz44N1aRmTMg5eec1unHR5YfP/bfwK
         MeoLVscyzCrYr0ANnCz+DplT7snfLLMlRo4cyUu3OvThPXxYjBvCdaMUJnQHYKrfwFvA
         +uZw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id:dkim-signature;
        bh=QLn3rjxvMMSzjFwh6vJW10P/LsBhv9oRPvV8Jqcb3I0=;
        b=FXDgxTh0kul1TCCrrfttxchWb/e0mk+6Zo82ukq/KPDs6bljNrGLXgwE+wo4isjyF5
         X3axwwgEF3efxLZ0knST0CYztM1MnGQi8XfGomWnAB1V7bNbSZI4nFhsH2GoXfLgWill
         Tap64ObBj3pSk8hpvdsDzdefak5JVGGL/Js4qZoUqDoZ8bxt28Czpdm+i/Gbqx/mY+67
         Ri+KuF7pPBYl1aVgyQ5fw47kZo8elTcZf1qAN0J/xrVfC7K1uyDBnHhmQVTPZIcu0EnK
         ABmdcP89EZdPa2da4yYNKsPXOJW4KKC1PPm616Xbn11LA3j90iQNt4QeE8AVsJ6xUiy8
         taHg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=lzwmhFuy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id w5-20020a1709061f0500b006dfa049c7d7si13187425ejj.634.2022.04.06.23.39.37;
        Wed, 06 Apr 2022 23:40:02 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@intel.com header.s=Intel header.b=lzwmhFuy;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S240973AbiDGBab (ORCPT <rfc822;arunks.linux@gmail.com>
        + 99 others); Wed, 6 Apr 2022 21:30:31 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60920 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S240527AbiDGBUD (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 6 Apr 2022 21:20:03 -0400
Received: from mga04.intel.com (mga04.intel.com [192.55.52.120])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 13F7EB98;
        Wed,  6 Apr 2022 18:17:59 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1649294279; x=1680830279;
  h=message-id:date:mime-version:subject:to:cc:references:
   from:in-reply-to:content-transfer-encoding;
  bh=2JbrfSY6uP2wUo1/4/a1W0qsDUA/7Yo093jm6g0+yKI=;
  b=lzwmhFuyQLK+HOAfj8NPae5JzUBo1sFrAY+KjQIZ3qJyVVzz4XHmqO9d
   tlKnnGcsG2cpdxvlHh3CvfmpCytHlIXsYCCDS9lmO0QN0vebVRJTSrc1r
   sD9Z1GHql3NYLW92Inv/CNzDjn1qdL3ZzBDE+DhdcDFgY8Z+/mRRvilE4
   AZ0CKi0XGWDlSmxOgGIz3kVnIawzLzlZi/ibUbbocVMCabp94eoEK2BSf
   tkUQt/nzbkmylsPJFQZJbhPLl7idEZ7n5gLbgn9nT6yjqtHhstez9Q949
   ozRs7ddVUg03iuIUFGb5TUzKWOb/z1hvlRGM6PkMvPb0XOVqo3n07SJSb
   g==;
X-IronPort-AV: E=McAfee;i="6200,9189,10309"; a="260035421"
X-IronPort-AV: E=Sophos;i="5.90,241,1643702400"; 
   d="scan'208";a="260035421"
Received: from orsmga005.jf.intel.com ([10.7.209.41])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Apr 2022 18:17:58 -0700
X-IronPort-AV: E=Sophos;i="5.90,241,1643702400"; 
   d="scan'208";a="722746220"
Received: from zitianwa-mobl.ccr.corp.intel.com (HELO [10.255.28.125]) ([10.255.28.125])
  by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Apr 2022 18:17:54 -0700
Message-ID: <8aa0cf5b-bfda-bcf8-45f9-dc5113532caa@intel.com>
Date:   Thu, 7 Apr 2022 09:17:51 +0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
 Firefox/91.0 Thunderbird/91.7.0
Subject: Re: [RFC PATCH v5 026/104] KVM: TDX: x86: Add vm ioctl to get TDX
 systemwide parameters
Content-Language: en-US
To:     Kai Huang <kai.huang@intel.com>,
        Paolo Bonzini <pbonzini@redhat.com>, isaku.yamahata@intel.com,
        kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Cc:     isaku.yamahata@gmail.com, Jim Mattson <jmattson@google.com>,
        erdemaktas@google.com, Connor Kuehl <ckuehl@redhat.com>,
        Sean Christopherson <seanjc@google.com>
References: <cover.1646422845.git.isaku.yamahata@intel.com>
 <5ff08ce32be458581afe59caa05d813d0e4a1ef0.1646422845.git.isaku.yamahata@intel.com>
 <586be87a-4f81-ea43-2078-a6004b4aba08@redhat.com>
 <17981a2e-03e3-81df-0654-5ccb29f43546@intel.com>
 <bf3e61bcc2096e72a02f56b70524928e6c3cfa3e.camel@intel.com>
From:   Xiaoyao Li <xiaoyao.li@intel.com>
In-Reply-To: <bf3e61bcc2096e72a02f56b70524928e6c3cfa3e.camel@intel.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-5.3 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,HK_RANDOM_ENVFROM,
        HK_RANDOM_FROM,NICE_REPLY_A,RCVD_IN_DNSWL_MED,SPF_HELO_NONE,SPF_NONE,
        T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 4/7/2022 9:07 AM, Kai Huang wrote:
> On Wed, 2022-04-06 at 09:54 +0800, Xiaoyao Li wrote:
>> On 4/5/2022 8:52 PM, Paolo Bonzini wrote:
>>> On 3/4/22 20:48, isaku.yamahata@intel.com wrote:
>>>> Implement a VM-scoped subcomment to get system-wide parameters.  Although
>>>> this is system-wide parameters not per-VM, this subcomand is VM-scoped
>>>> because
>>>> - Device model needs TDX system-wide parameters after creating KVM VM.
>>>> - This subcommands requires to initialize TDX module.  For lazy
>>>>     initialization of the TDX module, vm-scope ioctl is better.
>>>
>>> Since there was agreement to install the TDX module on load, please
>>> place this ioctl on the /dev/kvm file descriptor.
>>>
>>> At least for SEV, there were cases where the system-wide parameters are
>>> needed outside KVM, so it's better to avoid requiring a VM file descriptor.
>>
>> I don't have strong preference on KVM-scope ioctl or VM-scope.
>>
>> Initially, we made it KVM-scope and change it to VM-scope in this
>> version. Yes, it returns the info from TDX module, which doesn't vary
>> per VM. However, what if we want to return different capabilities
>> (software controlled capabilities) per VM?
>>
> 
> In this case, you don't return different capabilities, instead, you return the
> same capabilities but control the capabilities on per-VM basis.

yes, so I'm not arguing it or insisting on per-VM.

I just speak out my concern since it's user ABI.

>> Part of the TDX capabilities
>> serves like get_supported_cpuid, making it KVM wide lacks the
>> flexibility to return differentiated capabilities for different TDs.
>>
>>
>>> Thanks,
>>>
>>> Paolo
>>>
>>
>