Re: [PATCH rfcv3 00/11] LIBVIRT: X86: TDX support

>-----Original Message----- >From: Jonathon Jongsma <jjongsma(a)redhat.com&gt; >Sent: Saturday, December 2, 2023 6:30 AM >Subject: Re: [PATCH rfcv3 00/11] LIBVIRT: X86: TDX support > >Hello, > >Thanks for the submission. A few initial general comments: > >On 11/27/23 2:55 AM, Zhenzhong Duan wrote: >> Hi, >> >> This series brings libvirt the x86 TDX support. >> >> * What's TDX? >> TDX stands for Trust Domain Extensions which isolates VMs from >> the virtual-machine manager (VMM)/hypervisor and any other software >on >> the platform. >> >> To support TDX, multiple software components, not only KVM but also >QEMU, >> guest Linux and virtual bios, need to be updated. For more details, please >> check link[1], there are TDX spec links and public repository link at github >> for each software component. >> >> This patchset is another software component to extend libvirt to support >TDX, >> with which one can start a VM from high level rather than running qemu >directly. >> >> >> * Misc >> As QEMU use a software emulated way to reset guest which isn't >supported by TDX >> guest for security reason. We add a new way to emulate the reset for TDX >guest, >> called "hard reboot". We achieve this by killing old qemu and start a new >one. > >Can you expand on this a little bit more? What problems do you encounter >when you reboot the normal way? I did not notice any patches related to >a hard reboot in the v2 patchset that was submitted a while ago. If we use existing "fake reboot" in libvirt, qmp command "system_reset" isn't supported for TDX guest, because TDX doesn't support resetting each register of vcpu for security except in TDX debug mode. TDX guest will be shutdown instead.

>What other approaches did you consider to solve this issue? The changes >to virsh adding a reconnect timeout option for the console command in >particular feel hacky to me. One possible way I can think of is to let qemu do the kill/create job, i.e. destroy TDX vcpus, create new one. This way we can utilize existing "fake reboot" interface between qemu and libvirt.