On 23.09.2019 14:25, Marek Marczykowski-Górecki wrote: > What about this: HVM guest can already do all of this when qemu is > running in dom0. So, allowing those actions when qemu is running in > stubdomain should not introduce _additional_ risks.
Well, in a way - yes. But I don't think it's right to have qemu do the direct writes it does (and I wouldn't be surprised if there were still actual issues with this model). Hence it's not going to be an improvement if this suspicious underlying design got extended to other components. Jan _______________________________________________ Xen-devel mailing list [email protected] https://lists.xenproject.org/mailman/listinfo/xen-devel
