On Tue, Apr 26, 2022 at 12:52 PM Luck, Tony <tony.luck@xxxxxxxxx> wrote: > > One thing that would be relatively easy to do would be pre-allocate and pre-scan memory at guest creation: > > 1) Request to set up a guest with X GB memory > 2) Allocate X GB > 3) Zero it > 4) Scan for poison > 5) Map memory to guest and run the guest > > Should work with TDX (because you scan while host still has control/access to the pages). > > But this has issues if you have long-lived guests. Or want to overcommit memory so don't > really give a guest all the physical memory that it asks for. Thanks Tony. I agree this could be a starting point to get TDX / SEV-SNP guest memory scanned. It may still be much better than not scanning them. We need to follow up on a long term solution is needed for long running guest. > > -Tony
