[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <614ab01d-eb99-48b8-8517-7438ca6cfef2@intel.com>
Date: Fri, 30 Aug 2024 11:45:53 -0700
From: Dave Hansen <dave.hansen@...el.com>
To: Rick Edgecombe <rick.p.edgecombe@...el.com>, seanjc@...gle.com,
pbonzini@...hat.com, kvm@...r.kernel.org
Cc: kai.huang@...el.com, isaku.yamahata@...il.com,
tony.lindgren@...ux.intel.com, xiaoyao.li@...el.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 06/25] x86/virt/tdx: Export TDX KeyID information
On 8/12/24 15:48, Rick Edgecombe wrote:
> Each TDX guest has a root control structure called "Trust Domain
> Root" (TDR). Unlike the rest of the TDX guest, the TDR is protected
> by the TDX global KeyID. When tearing down the TDR, KVM will need to
> pass the TDX global KeyID explicitly to the TDX module to flush cache
> associated to the TDR.
What does that end up looking like?
In other words, should we export the global KeyID, or export a function
to do the flush and then never actually expose the KeyID?
> -static u32 tdx_global_keyid __ro_after_init;
> -static u32 tdx_guest_keyid_start __ro_after_init;
> -static u32 tdx_nr_guest_keyids __ro_after_init;
> +u32 tdx_global_keyid __ro_after_init;
> +EXPORT_SYMBOL_GPL(tdx_global_keyid);
> +
> +u32 tdx_guest_keyid_start __ro_after_init;
> +EXPORT_SYMBOL_GPL(tdx_guest_keyid_start);
> +
> +u32 tdx_nr_guest_keyids __ro_after_init;
> +EXPORT_SYMBOL_GPL(tdx_nr_guest_keyids);
I know the KVM folks aren't maniacs that will start writing to these or
anything.
But, in general, just exporting global variables isn't super nice. If
these are being used to set up the key allocator, I'd kinda just rather
that the allocator be in core code and have its alloc/free functions
exported.
Powered by blists - more mailing lists