[RFC PATCH 0/7] LIBVIRT: X86: TDX support

Peter Krempa pkrempa at redhat.com
Fri Jun 18 11:07:18 UTC 2021


On Fri, Jun 18, 2021 at 16:50:45 +0800, Zhenzhong Duan wrote:
> * What's TDX?
> TDX stands for Trust Domain Extensions which isolates VMs from
> the virtual-machine manager (VMM)/hypervisor and any other software on
> the platform.
> 
> To support TDX, multiple software components, not only KVM but also QEMU,
> guest Linux and virtual bios, need to be updated. For more details, please
> check link[1], there are TDX spec links and public repository link at github
> for each software component.
> 
> This patchset is another software component to extend libvirt to support TDX,
> with which one can start a VM from high level rather than running qemu directly.
> 
> 
> * The goal of this RFC patch
> The purpose of this post is to get feedback early on high level design issue of
> libvirt enhancement for TDX. Referenced much on AMD SEV implementation at link[2].
> 
> 
> * Patch organization
> 
> - patch 1-2: Support query of TDX capabilities.
> - patch 3-6: Add a new xml element 'TrustDomain' for TDX support.
> - patch   7: Sure kvmSupportsSecureGuest cache updated.
> 
> Using these patches we have successfully booted and tested a guest both with and
> without TDX enabled.
> 
> 
> [1] https://lkml.org/lkml/2020/11/16/1106
> [2] https://github.com/codomania/libvirt/commits/v9

Could you please also point to the relevant qemu patches?

The first commit mentions 'query-tdx-capabilities' which is not in qemu
upstream yet.



