Thread: 178 messages, 11 authors, 2022-06-06

Re: [PATCH Part2 RFC v4 04/40] x86/sev: Add the host SEV-SNP initialization support

From: Dr. David Alan Gilbert <hidden>
Date: 2022-06-06 11:42:19
Also in: kvm, linux-crypto, linux-efi, linux-mm, lkml, platform-driver-x86

* Jarkko Sakkinen (jarkko.sakkinen@iki.fi) wrote:
> On Wed, Jul 07, 2021 at 01:35:40PM -0500, Brijesh Singh wrote:
> > The memory integrity guarantees of SEV-SNP are enforced through a new
> > structure called the Reverse Map Table (RMP). The RMP is a single data
> > structure shared across the system that contains one entry for every 4K
> > page of DRAM that may be used by SEV-SNP VMs. The goal of RMP is to
> > track the owner of each page of memory. Pages of memory can be owned by
> > the hypervisor, owned by a specific VM or owned by the AMD-SP. See APM2
> > section 15.36.3 for more detail on RMP.
> >
> > The RMP table is used to enforce access control to memory. The table itself
> > is not directly writable by the software. New CPU instructions (RMPUPDATE,
> > PVALIDATE, RMPADJUST) are used to manipulate the RMP entries.
>
> What's the point of throwing out a set of opcodes, if there's
> no explanation what they do?

TBF They are described in the public document section linked in the previous
paragraph.

Dave

> BR, Jarkko
-- 
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
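
As an added illustration (not part of this thread or of the patch), the C model below sketches the per-4K-page ownership tracking the quoted commit message describes, with the roles RMPUPDATE and PVALIDATE play according to the APM. The entry layout, table size, function names and initial state are assumptions made for the example; RMPADJUST, VMPL permissions and guest-physical-address checks are left out.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define PAGE_SHIFT 12   /* one RMP entry per 4K page */
#define NPAGES     8    /* constructed: toy "DRAM" of eight pages */
enum owner { OWNER_HV = 0, OWNER_GUEST, OWNER_AMD_SP };
struct rmp_entry { enum owner owner; uint32_t asid; bool validated; };
/* Simplified model, not the hardware layout. Constructed state: page 0 is AMD-SP owned. */
static struct rmp_entry rmp[NPAGES] = { [0] = { .owner = OWNER_AMD_SP } };

static struct rmp_entry *rmp_lookup(uint64_t paddr)
{
    uint64_t pfn = paddr >> PAGE_SHIFT;
    return pfn < NPAGES ? &rmp[pfn] : NULL;
}

/* RMPUPDATE (host): assign a page to a guest or reclaim it; validation is reset. */
bool rmpupdate(uint64_t paddr, enum owner owner, uint32_t asid)
{
    struct rmp_entry *e = rmp_lookup(paddr);
    if (!e || e->owner == OWNER_AMD_SP || owner == OWNER_AMD_SP)
        return false;
    *e = (struct rmp_entry){ .owner = owner, .asid = owner == OWNER_GUEST ? asid : 0 };
    return true;
}

/* PVALIDATE (guest): accept a page the host has assigned to this guest. */
bool pvalidate(uint64_t paddr, uint32_t asid)
{
    struct rmp_entry *e = rmp_lookup(paddr);
    if (!e || e->owner != OWNER_GUEST || e->asid != asid)
        return false;
    e->validated = true;
    return true;
}

/* Access checks: host writes need host ownership; guest private accesses
 * need a page assigned to that guest and validated by it. */
bool hv_write_ok(uint64_t paddr)
{
    const struct rmp_entry *e = rmp_lookup(paddr);
    return e && e->owner == OWNER_HV;
}

bool guest_access_ok(uint64_t paddr, uint32_t asid)
{
    const struct rmp_entry *e = rmp_lookup(paddr);
    return e && e->owner == OWNER_GUEST && e->asid == asid && e->validated;
}
```

In the model, a page handed to a guest stops being host-writable immediately, but the guest cannot use it until it has validated it, and reclaiming the page clears that validation.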