[$] Hardening virtio

Traditionally, in virtualized environments, the host is trusted by itsguests, and mustprotect itself from potentially malicious guests. With initiativeslike confidential computing, this rule is extended in the other direction: theguest no longer trusts the host. This change of paradigm requiresadding boundary defenses in places where there have been none before.Recently, Andi Kleen submitted a patchset attempting to add the needed protections in virtio. The discussionthat resulted from this patch set highlighted the need to securevirtio for a wider range of use cases.