|
From: | Paolo Bonzini |
Subject: | Re: [RFC PATCH 00/13] Add support for Mirror VM. |
Date: | Mon, 16 Aug 2021 17:38:55 +0200 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 |
On 16/08/21 17:13, Ashish Kalra wrote:
I think that once the mirror VM starts booting and running the UEFI code, it might be only during the PEI or DXE phase where it will start actually running the MH code, so mirror VM probably still need to handles KVM_EXIT_IO when SEC phase does I/O, I can see PIC accesses and Debug Agent initialization stuff in SEC startup code.That may be a design of the migration helper code that you were working with, but it's not necessary.Actually my comments are about a more generic MH code.
I don't think that would be a good idea; designing QEMU's migration helper interface to be as constrained as possible is a good thing. The migration helper is extremely security sensitive code, so it should not expose itself to the attack surface of the whole of QEMU.
Paolo
[Prev in Thread] | Current Thread | [Next in Thread] |