I am working on a virtio-crypto with vhost backend.
This functionality should expose a virtual cryptographic device to the guest which would send crypto jobs to the host.
One problem I am facing is where to store session data (such as keys, IVs, etc.).
For performance improvements, I would be ideal for these to be stored inside the vhost module, so that the guest won't have to transfer session data every time it needs to get a job done.
While this would be great for performance, this might represent a problem when migrating VMs, because I would need to query the vhost module to get my session data back in order to migrate successfully to a new host. The problem with this is that it doesn't sound like the virtio-crypto model will remain very backend agnostic.