> > I don't know the details about TDX and #VE, but could a malicious HV not
> > trigger a #VE basically everywhere by mapping around pages? So 'fail'
> > means panic() in this case, right?
>
> Right.

Well, we might not be able to reliably panic if we don't run on an IST
and it hits the syscall gap. Otherwise you might end up with panic()
running on the ring 3 stack.

Granted, it's a bit of a muddled threat model: it would need both a
malicious process in the hypervisor and one inside the secure guest, but
I presume that's possible.

That seems to argue that an IST for #VE is actually required.

-Andi