On 30 June 2025 21:03:06 UTC, Peter Maydell <peter.mayd...@linaro.org> wrote:
>On Mon, 30 Jun 2025 at 21:22, Bernhard Beschow <shen...@gmail.com> wrote:
>>
>>
>>
>> On 30 June 2025 09:09:31 UTC, Peter Maydell
>> <peter.mayd...@linaro.org> wrote:
>> >On Sun, 29 Jun 2025 at 21:49, Bernhard Beschow <shen...@gmail.com> wrote:
>> >>
>> >> Allows the imx8mp-evk machine to be run with KVM acceleration as a guest.
>> >>
>> >> Signed-off-by: Bernhard Beschow <shen...@gmail.com>
>> >> ---
>> >> docs/system/arm/imx8mp-evk.rst | 7 +++++++
>> >> hw/arm/fsl-imx8mp.c | 33 ++++++++++++++++++++++++++++-----
>> >> hw/arm/imx8mp-evk.c | 11 +++++++++++
>> >> hw/arm/Kconfig | 3 ++-
>> >> hw/arm/meson.build | 2 +-
>> >> 5 files changed, 49 insertions(+), 7 deletions(-)
>> >
>> >This puts a lot of IMX device models onto our security boundary,
>> >which makes me a bit nervous -- that's a lot of code which
>> >wasn't really written or reviewed carefully to ensure it
>> >can't be exploited by a malicious guest.
>>
>> Hi Peter,
>>
>> Does KVM increase the attack surface compared to TCG?
>
>Yes, because our security policy says that TCG is not considered
>a security boundary, whereas KVM is:
>
>https://qemu-project.gitlab.io/qemu/system/security.html
>
>(It would move from "non-virtualization use case" to
>"virtualization use case".)

Thanks, that document nails my question.
If KVM requires the imx devices to be inside the security boundary, what needs
to be done to lift them there?

Best regards,
Bernhard

>
>thanks
>-- PMM