You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
@klauspost, I'm creating this issue here as I really would like to hear your opinion on what could be done, and mainly if something should be done on cpuid in order to properly detect those.
We've had access to Azure Intel TDX preview, and we noticed that the TDX guest cpuid leaf was not exposed there. This is a huge situation, as it seems Azure is not willing to expose all the necessary bits, and there's already discussions that happened on the kernel land about this, like: https://lore.kernel.org/linux-hyperv/20231020202158.GHZTLhZpmes+uiHOE2@fat_crate.local/T/#t
Meanwhile, I've gotten to do some tests on the created TDX VM, and a "simple patch" like the one shown below could do the trick:
At this point I'm rather unsure on whether this is an acceptable approach, but I'm confident we'd need something, at least something coming from cpuid side, so NFD could properly do the detection.
With everything written above, @klauspost, I'm super interested in your take on whether to accept a patch like the one above, or any other suggestsion on how to address this.
Let me cc some folks from Intel, Azure, and NVIDIA side here as well, just so they can add something that I may have missed and / or follow up in your suggestions.
@klauspost, I'm creating this issue here as I really would like to hear your opinion on what could be done, and mainly if something should be done on
cpuid
in order to properly detect those.We've had access to Azure Intel TDX preview, and we noticed that the TDX guest cpuid leaf was not exposed there. This is a huge situation, as it seems Azure is not willing to expose all the necessary bits, and there's already discussions that happened on the kernel land about this, like: https://lore.kernel.org/linux-hyperv/20231020202158.GHZTLhZpmes+uiHOE2@fat_crate.local/T/#t
Meanwhile, I've gotten to do some tests on the created TDX VM, and a "simple patch" like the one shown below could do the trick:
While this of TDX_GUEST, supporting things like SNP / SEV guest would basically be the matter of checking the
ebx
's value, as show here https://github.com/torvalds/linux/blob/master/arch/x86/kernel/cpu/mshyperv.c#L429-L445At this point I'm rather unsure on whether this is an acceptable approach, but I'm confident we'd need something, at least something coming from
cpuid
side, so NFD could properly do the detection.With everything written above, @klauspost, I'm super interested in your take on whether to accept a patch like the one above, or any other suggestsion on how to address this.
Let me cc some folks from Intel, Azure, and NVIDIA side here as well, just so they can add something that I may have missed and / or follow up in your suggestions.
/cc @mythi @jepio @zvonkok
The text was updated successfully, but these errors were encountered: