Re: [PATCH v7 06/20] x86/virt/tdx: Shut down TDX module in case of error
From: Huang, Kai
Date: Tue Nov 22 2022 - 20:15:46 EST
On Tue, 2022-11-22 at 20:33 +0100, Peter Zijlstra wrote:
> On Tue, Nov 22, 2022 at 11:24:48AM -0800, Dave Hansen wrote:
>
> > > Not intialize TDX on busy NOHZ_FULL cpus and hard-limit the cpumask of
> > > all TDX using tasks.
> >
> > I don't think that works. As I mentioned to Thomas elsewhere, you don't
> > just need to initialize TDX on the CPUs where it is used. Before the
> > module will start working you need to initialize it on *all* the CPUs it
> > knows about. The module itself has a little counter where it tracks
> > this and will refuse to start being useful until it gets called
> > thoroughly enough.
>
> That's bloody terrible, that is. How are we going to make that work with
> the SMT mitigation crud that forces the SMT sibilng offline?
>
> Then the counters don't match and TDX won't work.
>
> Can we get this limitiation removed and simply let the module throw a
> wobbly (error) when someone tries and use TDX without that logical CPU
> having been properly initialized?
Dave kindly helped to raise this issue and I'll follow up with TDX module guys
to see whether we can remove/ease such limitation.
Thanks!