Re: [RFC PATCH v2 4/4] KVM: x86: TDX: Report CORE_CAPABILITIES as supported

Next message: Andy Shevchenko: "Re: [PATCH v2] iio: light: tsl2591: return actual error from probe IRQ failure"
Previous message: Lothar Rubusch: "Re: [PATCH 10/12] crypto: atmel - update workqueue flags and add flush on exit"
In reply to: Xiaoyao Li: "Re: [RFC PATCH v2 4/4] KVM: x86: TDX: Report CORE_CAPABILITIES as supported"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Binbin Wu

Date: Thu Jun 04 2026 - 03:28:37 EST

On 6/4/2026 2:53 PM, Xiaoyao Li wrote:
> On 6/4/2026 10:33 AM, Binbin Wu wrote:
>> Add CORE_CAPABILITIES (CPUID.0x7.0.EDX[30]) to the TDX configurable
>> CPUID allowlist to accommodate legacy TDX module behavior.
>>
>> KVM doesn't support MSR_IA32_CORE_CAPS, however, some older TDX specs
>> define CORE_CAPABILITIES CPUID bit as fixed-1. As a result, userspace
>> may expect this bit to be enabled in the TDX module for TDs. When the
>> CPUID bit becomes a directly configurable without reporting to the
>> userspace, it can not be enabled. To avoid confusing userspace, report
>> CORE_CAPABILITIES to userspace via KVM_TDX_CAPABILITIES.
>>
>> Although KVM could determine the real CPUID setting by reading the
>> metadata via SEAMCALL after KVM_TDX_INIT_VM, doing so is overkill to
>> cover such a corner case. If CORE_CAPABILITIES is exposed to a TDX
>> guest, and the guest reads it, simply return 0.
>
> shouldn't this patch be put as patch 02 instead of 04?
>
> Patch 02 and 03 in this series break the old QEMU and then patch 04 fixes the broken. This is not friendly to the bisect.

Good point.

I will reorder the patch in the later version if the direction of this
patch series is acked by maintainers.