coco.rst - OpenGrok cross reference for /linux/Documentation/virt/hyperv/coco.rst

Lines Matching full:vmbus
171 CoCo VMs, Hyper-V has VMBus and VMBus devices that communicate using memory
177 These Hyper-V and VMBus memory pages are marked as decrypted:
179 * VMBus monitor pages
186 * VMBus ring buffers. The direct mapping is marked decrypted in
200 VMBus ring buffer, the length of the message is validated, and the message is
205 Many drivers for VMBus devices have been "hardened" by adding code to fully
206 validate messages received over VMBus, instead of assuming that Hyper-V is
208 vmbus_devs[] table. Other drivers for VMBus devices that are not needed in a
212 Two VMBus devices depend on the Hyper-V host to do DMA data transfers:
225 Finally, the VMBus virtual PCI driver needs special handling in a CoCo VM.
235 Confidential VMBus
237 The confidential VMBus enables the confidential guest not to interact with
244 Confidential VMBus provides a secure communication channel between the guest
248 Confidential VMBus is an extension of Confidential Computing (CoCo) VMs
249 (a.k.a. "Isolated" VMs in Hyper-V terminology). Without Confidential VMBus,
250 guest VMBus device drivers (the "VSC"s in VMBus terminology) communicate
251 with VMBus servers (the VSPs) running on the Hyper-V host. The
253 host can access it. With Confidential VMBus, one or more of the VSPs reside
264 a VMBus connection only with the paravisor for the channels that process
274 than it would be with a conventional VMBus connection where the host partition
277 Here is the data flow for a conventional VMBus connection (`C` stands for the
291   +------||------------------ VMBus --------------------------||------+
295 and the Confidential VMBus connection::
300   | |     +-- VMBus Relay ------+    ====+================            |
312   +-------||----------------- VMBus ---------------------------||-----+
316 An implementation of the VMBus relay that offers the Confidential VMBus
326 Confidential VMBus is supported by the current paravisor. The x86_64-specific
328 is expected to support the Confidential VMBus unconditionally when running
331 Confidential VMBus is a characteristic of the VMBus connection as a whole,
332 and of each VMBus channel that is created. When a Confidential VMBus
334 path that is used for VMBus device creation and deletion, and it provides a
336 offered by the Hyper-V host. Each VMBus device that is offered to the guest
337 indicates the degree to which it participates in Confidential VMBus. The offer
340 may be different for different devices using the same Confidential VMBus
345 is offered by the paravisor with confidential VMBus, the ring buffer can always
353 Because some devices on a Confidential VMBus may require decrypted ring buffers
356 VMBus is not offered. Interrupts are always signaled by the paravisor SynIC,
359 In the case of a confidential VMBus, regular SynIC access by the guest is
364 kind: with confidential VMBus, messages use the paravisor SynIC, and if the
367 (non-confidential, using the VMBus relay) and use the hypervisor SynIC, and
369 OpenHCL VMBus server and are guaranteed to be unique regardless of whether