Adam Dunlap, Cláudio Carvalho, Dionna Glaze, Huibo Wang, Joerg Roedel, Jon Lange, Nicolai Stange, Oliver Steffen, Peter Fang, Stefano Garzarella, Thomas Leroy, Tom Lendacky, Vasant Karasulli, Vijay Dhanraj, Ziqiao Zhou
- SVSM reserves a static physical memory region for kernel, user space, and SVSM.
- Naming scheme for physical memory regions should be clarified.
- Initial memory allocation is static, but SVSM can request more from the host OS when SVSM core protocol is in use.
- Dynamic memory demand from SVSM is not anticipated.
- Over 200 undocumented unsafe blocks exist.
- Plan to reduce unsafe blocks to zero
- Group blocks by file/subsystem and create issues on GitHub
- Possibly tagging code owners.
- Casting integers to raw pointers and vice versa can cause issues for verification tools.
- New interface for raw pointers is proposed to track provenance and ensure proper usage.
- Progress on VirtIO-Blk and VirtIO drivers, including use of global memory mapping functions and block layer trait.
- Potential for adding VSOCK support.
- Proposed replacing
FixedStringstructure withStringstructure fromcore::alloccrate for better Unicode support and reduced memory overhead. - Unicode support in SVSM is questioned.
- It was confirmed that
FixedStringcan be replaced withString.
- New PR pending which implements File System SysCalls.
- Currently mostly untested.
- Implements new
Buffertrait to avoid double copying of data.
- Approaching submission deadline for OC3 conference.
- Discuss potential topics for submissions, including confidential VMs and attestation proxies.
- Possibility of adding metadata to IGVM file, such as security version number and signature.
- Plan to include MRTD in IGVM file and investigate standardizing the format.