On 9/2/21 2:27 AM, Joerg Roedel wrote: > On Wed, Sep 01, 2021 at 09:07:59AM -0700, Andy Lutomirski wrote: >> In principle, you could actually initialize a TDX guest with all of its >> memory shared and all of it mapped in the host IOMMU. > > Not sure how this works in TDX, but in SEV code fetches are always > treated as encrypted. So this approach would not work with SEV, not to > speak about attestation, which will not work with this approach either > :) > Oof.
