Re: [PATCH v10 05/16] x86/virt/tdx: Add skeleton to enable TDX on demand

From: Huang, Kai
Date: Thu Mar 23 2023 - 18:42:28 EST

Next message: Ricardo Ribalda: "[PATCH] media: ov8856: Do not check for for module version"
Previous message: Jakub Kicinski: "Re: [PATCH net v1 2/6] net: dsa: microchip: ksz8: fix ksz8_fdb_dump() to extract all 1024 entries"
In reply to: Dave Hansen: "Re: [PATCH v10 05/16] x86/virt/tdx: Add skeleton to enable TDX on demand"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2023-03-23 at 15:12 -0700, Hansen, Dave wrote:
> On 3/23/23 15:09, Huang, Kai wrote:
> > 1) In TDH.SYS.INIT, ask TDX module team to return TDX_RND_NO_ENTROPY instead of
> > TDX_SYS_BUSY when running out of entropy.
> >
> > 2) In TDH.SYS.KEY.CONFIG, ask TDX module to return TDX_RND_NO_ENTROPY instead of
> > TDX_KEY_GENERATION_FAILED when running out of entropy. Whether
> > TDX_KEY_GENERATION_FAILED should be still kept is up to TDX module team
> > (because it looks running concurrent PCONFIGs is also related).
> >
> > 3) Ask TDX module to always return TDX_RND_NO_ENTROPY in _ALL_ SEAMCALLs and
> > keep this behaviour for future TDX modules too.
>
> Yes, that's all fine.
>
> > 4) In the common seamcall(), retry on TDX_RND_NO_ENTROPY.
> >
> > In terms of how many times to retry, I will use a fixed value for now, similar
> > to the kernel code below:
> >
> > #define RDRAND_RETRY_LOOPS 10
>
> Heck, you could even just use RDRAND_RETRY_LOOPS directly. It's
> hard(er) to bikeshed your choice of a random number that you didn't even
> pick.

Yes I'll just include the header and use it. Thanks.

Next message: Ricardo Ribalda: "[PATCH] media: ov8856: Do not check for for module version"
Previous message: Jakub Kicinski: "Re: [PATCH net v1 2/6] net: dsa: microchip: ksz8: fix ksz8_fdb_dump() to extract all 1024 entries"
In reply to: Dave Hansen: "Re: [PATCH v10 05/16] x86/virt/tdx: Add skeleton to enable TDX on demand"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]