On Thu, Aug 07, 2025, Sagi Shahar wrote:
From: Ackerley Tng ackerleytng@google.com
Turn vCPU descriptor table initialization into a utility for use by tests needing finer control, for example for TDX TD creation.
NAK. "needing finer control" is not a sufficient explanation for why _this_ patch is necessary. There's also zero argument made throughout any of these patches as to why this pattern:
vm = td_create(); td_initialize(vm, VM_MEM_SRC_ANONYMOUS, 0); vcpu = td_vcpu_add(vm, 0, guest_io_writes); td_finalize(vm);
is the best approach. IMO it is NOT the best approach. I would much rather we structure things so that creating TDs can use APIs like this:
static inline struct kvm_vm *td_create_with_vcpus(uint32_t nr_vcpus, void *guest_code, struct kvm_vcpu *vcpus[]) { return __vm_create_with_vcpus(VM_SHAPE_TDX, nr_vcpus, 0, guest_code, vcpus); }
instead of open coding an entirely different set of APIs for creating TDs, which is not maintanable.