Message-ID: <44af8014-f73c-4ef0-9692-07e8df18fe24@intel.com>
Date: Wed, 10 Apr 2024 00:13:36 +0800
X-Mailing-List: linux-kernel@vger.kernel.org
Subject: Re: [ANNOUNCE] PUCK Notes - 2024.04.03 - TDX Upstreaming Strategy
From: Xiaoyao Li
To: "Edgecombe, Rick P", "seanjc@google.com"
Cc: "davidskidmore@google.com", "linux-kernel@vger.kernel.org", "srutherford@google.com", "pankaj.gupta@amd.com", "kvm@vger.kernel.org", "Yamahata, Isaku", "Wang, Wei W"
In-Reply-To: <4ae4769a6f343a2f4d3648e4348810df069f24b7.camel@intel.com>

On 4/9/2024 11:49 PM, Edgecombe, Rick P wrote:
>> I don't want JSON. I want a data payload that is easily consumable in C code,
>> which contains (a) the bits that are fixed and (b) their values. If a value
>> can change at runtime, it's not fixed.
> Right. The fixed values have to come in a reasonable format from the TDX module
> at runtime, or require an opt-in for any CPUID bits to change in future TDX
> modules.

I have a thought for the current situation, where the TDX module doesn't report
fixed CPUID bits via the SEAMCALL interface but defines them in docs.

VMM (KVM or userspace) can maintain a hardcoded array of fixed CPUID bits and
their values according to the TDX docs. And VMM needs to update the fixed array
by stripping out the bits that are reported in TDSYSINFO.CPUID_CONFIG[], which
are configurable.

If the newer TDX module changes some fixed bits to configurable bits, they will
show up in TDSYSINFO.CPUID_CONFIG[]. So VMM can update the fixed array correctly.

In fact, this is how the TDX QEMU series currently implements it. However, it
requires the TDX module to follow the rule that if any bit becomes not fixed, it
needs to be reported in TDSYSINFO.CPUID_CONFIG[] as configurable.

It's just for the case where there is no interface from the TDX module to report
the fixed CPUID bits in the end.
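
The stripping step described in the message above, as an added C example that is not part of the original post and is not code from the TDX QEMU series. The struct layouts, function names and CPUID values are assumptions constructed for illustration, and `check_requested` is an assumed consumer of the resulting table.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical types; register index 0..3 = EAX, EBX, ECX, EDX. */
struct fixed_cpuid  { uint32_t leaf, subleaf, mask[4], value[4]; }; /* mask bit 1 = fixed */
struct cpuid_config { uint32_t leaf, subleaf, reg[4]; };     /* reg bit 1 = configurable */

/* Constructed sample data, not from the TDX docs: EBX[1:0] fixed to 01b,
 * while the module (as if via TDSYSINFO.CPUID_CONFIG[]) reports EBX[1] configurable. */
static struct fixed_cpuid fixed_tbl[] = { { 0x7, 0, { 0, 0x3, 0, 0 }, { 0, 0x1, 0, 0 } } };
static const struct cpuid_config cfg_tbl[] = { { 0x7, 0, { 0, 0x2, 0, 0 } } };

/* Remove every reported-configurable bit from the fixed table; returns bits dropped. */
static unsigned strip_configurable(struct fixed_cpuid *fixed, size_t nfixed,
                                   const struct cpuid_config *cfg, size_t ncfg)
{
    unsigned dropped = 0;
    for (size_t i = 0; i < nfixed; i++)
        for (size_t j = 0; j < ncfg; j++) {
            if (fixed[i].leaf != cfg[j].leaf || fixed[i].subleaf != cfg[j].subleaf) continue;
            for (int r = 0; r < 4; r++) {
                uint32_t overlap = fixed[i].mask[r] & cfg[j].reg[r];
                fixed[i].mask[r] &= ~overlap;            /* bit is no longer fixed */
                fixed[i].value[r] &= fixed[i].mask[r];   /* forget its old value */
                for (; overlap; overlap &= overlap - 1)
                    dropped++;
            }
        }
    return dropped;
}

/* Assumed consumer: 0 if a requested CPUID row agrees with all fixed bits, else -1. */
static int check_requested(const struct fixed_cpuid *fixed, size_t nfixed,
                           uint32_t leaf, uint32_t subleaf, const uint32_t want[4])
{
    for (size_t i = 0; i < nfixed; i++) {
        if (fixed[i].leaf != leaf || fixed[i].subleaf != subleaf) continue;
        for (int r = 0; r < 4; r++)
            if ((want[r] & fixed[i].mask[r]) != fixed[i].value[r])
                return -1;
    }
    return 0;
}

int main(void)
{
    const uint32_t want[4] = { 0, 0x3, 0, 0 };           /* asks for EBX[1] = 1 */
    int before = check_requested(fixed_tbl, 1, 0x7, 0, want);
    unsigned dropped = strip_configurable(fixed_tbl, 1, cfg_tbl, 1);
    return !(before == -1 && dropped == 1 && check_requested(fixed_tbl, 1, 0x7, 0, want) == 0);
}
```

A bit that stops being fixed without appearing in the configurable list stays in the table, so `check_requested` keeps enforcing its old value; that is the dependency on the module's reporting rule that the message points out.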