On Mon, Nov 24, 2025 at 01:47:08PM +0100, Peter Krempa wrote:
> On Mon, Nov 24, 2025 at 12:15:06 +0000, Daniel P. Berrangé via Devel wrote:
> > From: Daniel P. Berrangé <[email protected]>
> >
> > Querying existence of the 'tdx-guest' type merely tells us whether
> > QEMU has been compiled with TDX support, not whether it is usable
> > on the host. Thus QEMU was incorrectly reporting
> >
> > <tdx supported='yes'/>
> > ...
> > <launchSecurity supported='yes'>
> > <enum name='sectype'>
> > <value>tdx</value>
> > </enum>
> > </launchSecurity>
> >
> > on every platform with new enough QEMU.
> >
> > Unfortunately an earlier patch for a 'query-tdx-capabilities' QMP
> > command in QEMU was dropped, so there is no way to ask QEMU whether
> > it can launch a TDX guest. Libvirt must directly query the KVM
> > device and ask for supported VM types.
> >
> > Signed-off-by: Daniel P. Berrangé <[email protected]>
> > ---
> > src/qemu/qemu_capabilities.c | 51 ++++++++++++++++++++++++++++++++++++
> > src/qemu/qemu_capabilities.h | 3 +++
> > tests/domaincapsmock.c | 6 +++++
> > 3 files changed, 60 insertions(+)
>
> [...]
>
>
> > @@ -3686,6 +3692,50 @@ virQEMUCapsProbeQMPSEVCapabilities(virQEMUCaps
> > *qemuCaps,
> > }
> >
> >
> > +bool
> > +virQEMUCapsKVMSupportsVMTypeTDX(void)
> > +{
> > +#if defined(KVM_CAP_VM_TYPES) && defined(KVM_X86_TDX_VM)
> > + VIR_AUTOCLOSE kvmfd = -1;
> > + int types;
> > +
> > + if (!virFileExists(KVM_DEVICE))
> > + return false;
> > +
> > + if ((kvmfd = open(KVM_DEVICE, O_RDONLY)) < 0) {
> > + VIR_DEBUG("Unable to open %s, cannot check TDX", KVM_DEVICE);
> > + return false;
> > + }
> > +
> > + if ((types = ioctl(kvmfd, KVM_CHECK_EXTENSION, KVM_CAP_VM_TYPES)) < 0)
> > + types = false;
>
> Either 'types = 0' or 'return false;'
Oops, yes, it should be 'types=0', as I wanted the following
VIR_DEBUG line to remain visible.
> > +
> > + VIR_DEBUG("KVM VM types: 0x%x", types);
> > +
> > + return !!(types & (1 << KVM_X86_TDX_VM));
>
> Is there possibility that the answer could change based on some external
> input where libvirt's cache isn't invalidated?
We already have logic to invalidate the cache when the kernel version
changes, as we have other areas where we rely on /dev/kvm behaviour.
So that existing logic should be sufficient for this.
>
> > +#else
> > + VIR_DEBUG("KVM not compiled");
> > + return false;
> > +#endif
> > +}
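Review bot: the debug message in the `#else` branch describes the wrong condition; the guard is `#if defined(KVM_CAP_VM_TYPES) && defined(KVM_X86_TDX_VM)`, so that branch is taken when the kernel headers used for the build lack those two definitions, not when KVM is absent, and `VIR_DEBUG("KVM not compiled");` will mislead anyone reading the log on a host that does have /dev/kvm. Suggest wording it after the actual condition, e.g. `VIR_DEBUG("KVM headers lack KVM_CAP_VM_TYPES/KVM_X86_TDX_VM, cannot check TDX");`. Agreed with the point raised above that `types = false;` stores a boolean in an `int` and should be `types = 0;` so the following `VIR_DEBUG("KVM VM types: 0x%x", types);` prints a meaningful value on the failure path.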
>
> Reviewed-by: Peter Krempa <[email protected]>
>
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|