Re: AMD SEV-SNP/Intel TDX: validation of memory pages

On Mon, Feb 01, 2021 at 05:51:09PM -0800, David Rientjes wrote:
> I think quite invasive changes are needed for the guest to support lazy
> validation/acceptance to core areas that lots of people on the recipient
> list have strong opinions about.  Some things that come to mind:
> 
>  - Annotations for pages that must be pre-validated in the x86 boot
>    sequence, including IST stacks
> 
>  - Proliferation of these annotations throughout any kernel code that can
>    access memory for #VC or #VE

Kernel code that is critical should already be covered by the noinstr
annotation. Data that is used from noinstr should ideally be placed in
noinstr data sections, but that is currently still a TODO.

This is all required for correct functioning of the entry code on
native, but seems to nicely line up with the TDX requirements.

The thing we'll not accept is making #VE an IST.



