-----Original Message-----
From: Daniel P. Berrangé <berrange(a)redhat.com>
Subject: Re: [PATCH v3 00/21] LIBVIRT: X86: TDX support
On Wed, Jul 09, 2025 at 08:55:48AM +0000, Duan, Zhenzhong wrote:
>
>
> >-----Original Message-----
> >From: Daniel P. Berrangé <berrange(a)redhat.com>
> >Subject: Re: [PATCH v3 00/21] LIBVIRT: X86: TDX support
> >
> >On Mon, Jun 30, 2025 at 02:17:11PM +0800, Zhenzhong Duan wrote:
> >> Hi,
> >>
> >> This series brings libvirt the x86 TDX support.
> >>
> >> * What's TDX?
> >> TDX stands for Trust Domain Extensions which isolates VMs from
> >> the virtual-machine manager (VMM)/hypervisor and any other software on
> >> the platform.
> >>
> >> This patchset extends libvirt to support TDX, with which one can start a TDX
> >> guest from high level rather than running qemu directly.
> >>
> >> * Misc
> >> As QEMU uses a software emulated way to reset the guest, which isn't supported
> >> by TDX guests for security reasons, we simulate reboot for a TDX guest by killing
> >> it and creating a new one in the FakeReboot framework.
> >>
> >> Complete code can be found at [1].
> >>
> >> * Test
> >> Tested with upstream qemu v10.0.0-1724-gf9a3def17b
> >> shutdown/reboot/reset with virsh
> >> shutdown/reboot trigger in guest
> >> shutdown with on_poweroff=destroy/restart
> >> reboot with on_reboot=destroy/restart
> >
> >FYI when I have a guest crash libvirt logs
> >
> > error : qemuMonitorJSONGuestPanicExtractInfo:638 : internal error: unknown panic info type 'tdx'
> >
> >this is a new type of panic data structure from upstream QEMU
> >that libvirt needs to handle in some way
>
> Oh yes, thanks, will add processing on libvirt side.

I think it'll be useful to get the crash "message" string into the
per-VM logfile at /var/log/libvirt/qemu/$GUEST.log

OK. I will add the TDX part in qemuMonitorJSONGuestPanicExtractInfo(),
then qemuProcessGuestPanicEventInfo() will be called to write to the qemu log file.
Please correct me if I understand wrong.

I wasted a lot of time trying to understand why my guest was panicking
until realizing I had mistakenly enabled SEPT #VE. The 'message' string
in the panic event would have told me that immediately, but it was not
visible, so I think it's important to expose this msg in the logs out of
the box.

Sure.

Thanks
Zhenzhong