On 8/31/2021 1:15 PM, David Hildenbrand wrote:
On 31.08.21 22:01, Andi Kleen wrote:
Thanks a lot for this summary. A question about the requirement: do
we or
do we not have plan to support assigned device to the protected VM?
Good question, I assume that is stuff for the far far future.
It is in principle possible with the current TDX, but not secure. But
someone might decide to do it. So it would be good to have basic support
at least.
Can you elaborate the "not secure" part? Do you mean, making the
device only access "shared" memory, not secure/encrypted/whatsoever?
Yes that's right. It can only access shared areas.
-Andi