On 2/7/23 04:41, Borislav Petkov wrote: > Or are there no similar TDX solutions planned where the guest runs > unmodified and under a paravisor? I actually don't think paravisors make *ANY* sense for Linux. If you have to modify the guest, then just modify it to talk to the hypervisor directly. This code is... modifying the guest. What does putting a paravisor in the middle do for you? It might help with binary drivers, but we don't do upstream kernel work to make silly binary Linux drivers happy. So, no, there's no similar TDX solutions planned, at least for Linux guests. Unless I missed the memo. Kirill?
