Curious why leaking BIOS configuration to VM is a security problem... Can someone elaborate this view?
From: Wang, Zhi A Sent: Friday, May 27, 2016 6:05 PM To: [email protected] Cc: [email protected]; Chris Wilson; Vetter, Daniel; [email protected]; Tian, Kevin; Lv, Zhiyuan Subject: FW: Wrt golden MMIO/CFG snaphot in GVT-g For me I think maybe i915 could save the snapshot for GVT, then GVT-g patch the snapshot itself, then there won't be leaking happened I think. Even we wrote a dedicated little program, we would do the same thing. From: Wang, Zhi A Sent: Friday, May 27, 2016 12:59 PM To: [email protected]<mailto:[email protected]>; 'Chris Wilson' <[email protected]<mailto:[email protected]>>; Vetter, Daniel <[email protected]<mailto:[email protected]>>; [email protected]<mailto:[email protected]> Cc: Tian, Kevin <[email protected]<mailto:[email protected]>>; Lv, Zhiyuan <[email protected]<mailto:[email protected]>> Subject: Wrt golden MMIO/CFG snaphot in GVT-g Hi Guys: I received some comments on from Kevin. Mostly his concern is the burden of maintain/releasing the MMIO/CFG snapshot for customers. As we might not have all the SKUs/platform which customers have, even we release the snapshot file generator for customer, it would still bring some extra effort when customer deploying the SW. And he suggested i915 better i915 could keep the snapshot for GVT-g during module loading. As we have shared some ideas about the security problem like leaking BIOS configuration to VM, better we could elaborate more ideas and figure out a better approach. Let's discuss. :) Thanks, Zhi.
_______________________________________________ Intel-gfx mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/intel-gfx
