Re: [PATCH v2 0/3] TDX attestation support and GHCI fixup

From: Binbin Wu
Date: Fri Jun 20 2025 - 03:09:25 EST




On 6/20/2025 2:01 AM, Paolo Bonzini wrote:
> This is a refresh of Binbin's patches with a change to the userspace
> API. I am consolidating everything into a single KVM_EXIT_TDX and
> adding to the contract that userspace is free to ignore it *except*
> for having to reenter the guest with KVM_RUN.
>
> If in the future this does not work, it should be possible to introduce
> an opt-in interface. Hopefully that will not be necessary.
>
> Paolo
>
> Binbin Wu (3):
>   KVM: TDX: Add new TDVMCALL status code for unsupported subfuncs
>   KVM: TDX: Handle TDG.VP.VMCALL<GetQuote>
>   KVM: TDX: Exit to userspace for GetTdVmCallInfo
>
>  Documentation/virt/kvm/api.rst    | 62 ++++++++++++++++++++++++-
>  arch/x86/include/asm/shared/tdx.h |  1 +
>  arch/x86/kvm/vmx/tdx.c            | 77 ++++++++++++++++++++++++++++---
>  include/uapi/linux/kvm.h          | 22 +++++++++
>  4 files changed, 154 insertions(+), 8 deletions(-)

Tested the patch set with the TDX kvm-unit-tests, TDX enhanced KVM selftests,
booting a Linux TD, and TDX-related test cases defined in the LKVS test suite
as described in:
https://github.com/intel/lkvs/blob/main/KVM/docs/lkvs_on_avocado.md

Xiaoyao has tested the flow for GetQuote and had some comments for small issues
on the QEMU patch:
https://mail.gnu.org/archive/html/qemu-devel/2025-06/msg03154.html