Presumably bios code is in arch/x86 and drivers/acpi, right? Up to 200 calls the majority of which is likely private ...
Yes.
I don't have better ideas but the current setup will just result in people making their guests vulnerable whenever they want to allow device pass-through.
Yes that's true. For current TDX our target is virtual devices only. But if pass through usage will be really wide spread we may need to revisit.
-Andi _______________________________________________ Virtualization mailing list Virtualization@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/virtualization
