feat(tdx): finalize TDX virtual machine creation

Signed-off-by: Changyuan Lyu <changyuanl@google.com>

Author: Lencerf

alioth/src/board/board_x86_64/board_x86_64.rs

@@ -352,7 +352,7 @@ where
         match coco {
             Coco::AmdSev { policy } => self.sev_finalize(*policy),
             Coco::AmdSnp { .. } => self.snp_finalize(),
-            Coco::IntelTdx { attr } => todo!("Intel TDX {attr:?}"),
+            Coco::IntelTdx { .. } => self.tdx_finalize(),
         }
     }
 

alioth/src/board/board_x86_64/tdx.rs

@@ -104,4 +104,9 @@ where
         vcpu.tdx_init_vcpu(hob)?;
         Ok(())
     }
+
+    pub(crate) fn tdx_finalize(&self) -> Result<()> {
+        self.vm.tdx_finalize_vm()?;
+        Ok(())
+    }
 }

alioth/src/hv/hv.rs

@@ -396,6 +396,9 @@ pub trait Vm {
     #[cfg(target_arch = "x86_64")]
     fn tdx_init_vm(&self, attr: TdAttr, cpuids: &HashMap<CpuidIn, CpuidResult>) -> Result<()>;
 
+    #[cfg(target_arch = "x86_64")]
+    fn tdx_finalize_vm(&self) -> Result<()>;
+
     #[cfg(target_arch = "aarch64")]
     type GicV2: GicV2;
     #[cfg(target_arch = "aarch64")]

alioth/src/hv/kvm/vm/vm.rs

@@ -766,6 +766,11 @@ impl Vm for KvmVm {
         KvmVm::tdx_init_vm(self, attr, cpuids)
     }
 
+    #[cfg(target_arch = "x86_64")]
+    fn tdx_finalize_vm(&self) -> Result<()> {
+        KvmVm::tdx_finalize_vm(self)
+    }
+
     #[cfg(target_arch = "aarch64")]
     fn create_gic_v2(&self, distributor_base: u64, cpu_interface_base: u64) -> Result<Self::GicV2> {
         aarch64::KvmGicV2::new(self, distributor_base, cpu_interface_base)

alioth/src/hv/kvm/vm/vm_x86_64/tdx.rs

@@ -82,4 +82,8 @@ impl KvmVm {
         tdx_op(&self.vm.fd, KvmTdxCmdId::INIT_VM, 0, Some(&mut *init))?;
         Ok(())
     }
+
+    pub fn tdx_finalize_vm(&self) -> Result<()> {
+        tdx_op::<()>(&self.vm.fd, KvmTdxCmdId::FINALIZE_VM, 0, None)
+    }
 }