Re: [RFC PATCH v5 101/104] KVM: TDX: Silently ignore INIT/SIPI

[Xiaoyao Li]

On 4/5/2022 11:48 PM, Paolo Bonzini wrote:
> On 3/4/22 20:49, isaku.yamahata@xxxxxxxxx wrote:
> > +        if (kvm_init_sipi_unsupported(vcpu->kvm))
> > +            /*
> > +             * TDX doesn't support INIT.  Ignore INIT event.  In the
> > +             * case of SIPI, the callback of
> > +             * vcpu_deliver_sipi_vector ignores it.
> > +             */
> >               vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;
> > -        else
> > -            vcpu->arch.mp_state = KVM_MP_STATE_INIT_RECEIVED;
> > +        else {
> > +            kvm_vcpu_reset(vcpu, true);
> > +            if (kvm_vcpu_is_bsp(apic->vcpu))
> > +                vcpu->arch.mp_state = KVM_MP_STATE_RUNNABLE;
> > +            else
> > +                vcpu->arch.mp_state = KVM_MP_STATE_INIT_RECEIVED;
> > +        }
>
> Should you check vcpu->arch.guest_state_protected instead of 
> special-casing TDX? 

We cannot use vcpu->arch.guest_state_protected because TDX supports 
debug TD, of which the states are not protected.

At least we need another flag, I think.

> KVM_APIC_INIT is not valid for SEV-ES either, if I 
> remember correctly.
>
> Paolo