On Tue, Apr 08, 2025 at 05:08:30PM -0700, Roman Kisel wrote: > Define what the confidential VMBus is and describe what advantages > it offers on the capable hardware. > > Signed-off-by: Roman Kisel <rom...@linux.microsoft.com> > --- > Documentation/virt/hyperv/vmbus.rst | 41 +++++++++++++++++++++++++++++ > 1 file changed, 41 insertions(+) > > diff --git a/Documentation/virt/hyperv/vmbus.rst > b/Documentation/virt/hyperv/vmbus.rst > index 1dcef6a7fda3..f600e3d09800 100644 > --- a/Documentation/virt/hyperv/vmbus.rst > +++ b/Documentation/virt/hyperv/vmbus.rst > @@ -324,3 +324,44 @@ rescinded, neither Hyper-V nor Linux retains any state > about > its previous existence. Such a device might be re-added later, > in which case it is treated as an entirely new device. See > vmbus_onoffer_rescind(). > + > +Confidential VMBus > +------------------ > + > +The confidential VMBus provides the control and data planes where > +the guest doesn't talk to either the hypervisor or the host. Instead, > +it relies on the trusted paravisor. The hardware (SNP or TDX) encrypts > +the guest memory and the register state also measuring the paravisor > +image via using the platform security processor to ensure trsuted and > +confidential computing. > + > +To support confidential communication with the paravisor, a VmBus client
Please be consistent. In this document I see VMBus and VmBus. We should stick with only one form. Wei.
