RE: [PATCH v4 00/23] LIBVIRT: X86: TDX support

-----Original Message----- From: Daniel P. Berrangé <berrange(a)redhat.com&gt; Subject: Re: [PATCH v4 00/23] LIBVIRT: X86: TDX support On Thu, Jul 10, 2025 at 03:21:02AM -0400, Zhenzhong Duan wrote: > Hi, > > This series brings libvirt the x86 TDX support. > > * What's TDX? > TDX stands for Trust Domain Extensions which isolates VMs from > the virtual-machine manager (VMM)/hypervisor and any other software on > the platform. > > This patchset extends libvirt to support TDX, with which one can start a TDX > guest from high level rather than running qemu directly. > > * Misc > As QEMU use a software emulated way to reset guest which isn't supported by TDX > guest for security reason. We simulate reboot for TDX guest by kill and create a > new one in FakeReboot framework. > > Complete code can be found at [1]. > > * Test > Tested with upstream qemu v10.0.0-1724-gf9a3def17b > shutdown/reboot/reset with virsh > shutdown/reboot trigger in guest > shutdown with on_poweroff=destroy/restart > reboot with on_reboot=destroy/restart > GUEST_PANICKED event processing > auto firmware matching For the whole series Tested-by: Daniel P. Berrangé <berrange(a)redhat.com&gt; I've created a VM using virt-install \ --graphics none \ --import \ --file /var/lib/libvirt/images/f42tdxalt.qcow2 \ --memory 4096 \ --launchSecurity=tdx,quoteGenerationService=on \ --boot uefi \ --machine q35 \ --osinfo fedora41 relying on this https://github.com/virt-manager/virt-manager/pull/948 and acquired attestation report with SGX 2.26, QEMU current git master, and upstream LKML (with the patch to enable to build with kexec)