|
From: | Anthony Liguori |
Subject: | Re: [Qemu-devel] [PATCH 0/5] ATAPI pass through v2 |
Date: | Tue, 07 Jul 2009 18:01:05 -0500 |
User-agent: | Thunderbird 2.0.0.21 (X11/20090320) |
Alexandre Bique wrote:
On Tue, Jul 7, 2009 at 10:44 PM, Paul Brook<address@hidden> wrote:I expect that running qemu as root counts as a 'bad idea' (I gather that commands are filtered when running as a regular user), but even so, I wonder if guests should be prevented from performing firmware updates?Yeps.I disagree. Upgrading the firmware from within the guest sounds like a legitimate use, especially given the proliferation of proprietary windows- only upgrade utilities.Maybe we could agree on a switch to forward/block this command ?
No need for a switch IMHO. If a user is doing pass through, they ought to expect that the guest has direct access to the device.
The fact that we can prevent this with ATAPI is a special case. When we eventually merge in VT-d based PCI pass through, we would not be able to enforce this sort of switch. That would result in confusion on the part of users.
Regards, Anthony Liguori
[Prev in Thread] | Current Thread | [Next in Thread] |