Lines Matching +full:attribute +full:- +full:sets
5 Virtual Machine Extensions (VMX) and Multi-Key Total Memory Encryption (MKTME)
12 -------------
29 device and it actually works as RAM. "-bios" option is chosen to load TDVF.
32 command line to specify and load TDVF is ``-bios OVMF.fd``
35 ---------------------
37 Unlike non-TDX VM, the CPU features (enumerated by CPU or MSR) of a TD are not
43 - Attributes:
44 - PKS (bit 30) controls whether Supervisor Protection Keys is exposed to TD,
46 - PERFMON (bit 63) controls whether PMU is exposed to TD.
48 - XSAVE related features (XFAM):
52 - CPUID features:
68 QEMU supports configuring raw 64-bit TD attributes directly via "attributes"
69 property of "tdx-guest" object. Note, it's users' responsibility to provide a
72 QEMU also supports the configuration of individual attribute bits that are
73 supported by it, via properties of "tdx-guest" object.
74 E.g., "sept-ve-disable" (bit 28).
87 explicit feature adjustment of "+featureA/-featureB", can be supported or not.
90 "warning: host doesn't support requested feature: CPUID.07H:EBX.intel-pt [bit 25]"
94 "warning: TDX forcibly sets the feature: CPUID.80000007H:EDX.invtsc [bit 8]"
96 if the fixed-1 feature is requested to be disabled explicitly. This is newly
97 added to QEMU for TDX because TDX has fixed-1 features that are forcibly enabled
101 -----------------------
103 To launch a TD, the necessary command line options are tdx-guest object and
104 split kernel-irqchip, as below:
106 .. parsed-literal::
109 -accel kvm \\
110 -cpu host \\
111 -object tdx-guest,id=tdx0 \\
112 -machine ...,confidential-guest-support=tdx0 \\
113 -bios OVMF.fd \\
116 ------------
118 - kernel-irqchip must be split;
120 This is set by default for TDX guest if kernel-irqchip is left on its default
123 - No readonly support for private memory;
125 - No SMM support: SMM support requires manipulating the guest register states
129 ---------
131 Bit 0 of TD attributes, is DEBUG bit, which decides if the TD runs in off-TD
132 debug mode. When in off-TD debug mode, TD's VCPU state and private memory are
139 --------------
152 --------------
157 ----------
159 - `TDX Homepage <https://www.intel.com/content/www/us/en/developer/articles/technical/intel-trust-d…
161 - `SGX QE <https://github.com/intel/SGXDataCenterAttestationPrimitives/tree/master/QuoteGeneration>…