Re: [PATCH v9 07/18] x86/virt/tdx: Do TDX module per-cpu initialization

[Dave Hansen]

On 2/13/23 13:13, Huang, Kai wrote:
> Perhaps I didn't explain clearly in the comment.  Below is the updated one:
> 
>                 /*
>                  * The previous call of __tdx_enable() may only have
>                  * initialized part of present cpus during module
>                  * initialization, and new cpus may have become online
>                  * since then w/o doing per-cpu initialization.
>                  *
>                  * For example, a new CPU can become online when KVM is
>                  * unloaded, in which case tdx_cpu_enable() is not called since
>                  * KVM's CPU online callback has been removed.
>                  *
>                  * To make sure all online cpus are TDX-runnable, always
>                  * do per-cpu initialization for all online cpus here
>                  * even the module has been initialized.
>                  */

This is voodoo.

I want a TDX-specific hotplug CPU handler.  Period.  Please make that
happen.  Put that code in this patch.  That handler should:

	1. Run after the KVM handler (if present)
	2. See if VMX is on
	3. If VMX is on:
	 3a. Run smp_func_module_lp_init(), else
	 3b. Mark the CPU as needing smp_func_module_lp_init()

Then, in the 'case TDX_MODULE_INITIALIZED:', you call a function to
iterate over the cpumask that was generated in 3b.

That makes the handoff *EXPLICIT*.  You know exactly which CPUs need
what done to them.  A CPU hotplug either explicitly involves doing the
work to make TDX work on the CPU, or explicitly defers the work to a
specific later time in a specific later piece of code.