On Fri, Aug 23, 2024, Alexey Kardashevskiy wrote:
> Hi everyone,
>
> Here are some patches to enable SEV-TIO (aka TDISP, aka secure VFIO)
> on AMD Turin.
>
> The basic idea is to allow DMA to/from encrypted memory of SNP VMs and
> secure MMIO in SNP VMs (i.e. with Cbit set) as well.
>
> These include both guest and host support. QEMU also requires
> some patches, links below.
>
> The patches are organized as:
> 01..06 - preparing the host OS;
> 07 - new TSM module;
> 08 - add PSP SEV TIO ABI (IDE should start working at this point);
> 09..14 - add KVM support (TDI binding, MMIO faulting, etc);
> 15..19 - guest changes (the rest of SEV TIO ABI, DMA, secure MMIO).
> 20, 21 - some helpers for guest OS to use encrypted MMIO
>
> This is based on a merge of
> ee3248f9f8d6 Lukas Wunner spdm: Allow control of next requester nonce
> through sysfs
> 85ef1ac03941 (AMDESE/snp-host-latest) 4 days ago Michael Roth [TEMP] KVM: guest_memfd: Update gmem_prep are hook to handle partially-allocated folios
>
>
> Please comment. Thanks.

1. Use scripts/get_maintainer.pl
2. Fix your MUA to wrap closer to 80 chars
3. Explain the core design, e.g. roles and responsibilities, coordination
   between KVM, VFIO/IOMMUFD, userspace, etc.