On 1/18/23 07:09, Ard Biesheuvel wrote: > However, I guess we're at a point where SEV and TDX really want > different solutions, so I think divergence might be the way to > proceed. I don't think they want different things really. TDX doesn't need this protocol. It sounds like SEV does need it, though. That doesn't mean they really diverge. They're *both* going to have to poke at this protocol knob to get the firmware to not accept the memory. This does slightly change the motivation for doing explicit unaccepted memory support in the kernel. I also don't know _quite_ how this will look to a guest. For instance, will they see different memory maps based on which protocol they are using? I assume so, but didn't see any of that explicitly mentioned in this patch.
