From: Gerd Hoffmann <kraxel@redhat.com>
To: Laszlo Ersek <lersek@redhat.com>
Cc: Thomas Huth <thuth@redhat.com>,
qemu-devel@nongnu.org, libvir-list@redhat.com,
"Daniel P. Berrange" <berrange@redhat.com>,
Alexander Graf <agraf@suse.de>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
David Gibson <dgibson@redhat.com>, Eric Blake <eblake@redhat.com>,
Gary Ching-Pang Lin <glin@suse.com>,
Kashyap Chamarthy <kchamart@redhat.com>,
Markus Armbruster <armbru@redhat.com>,
Michael Roth <mdroth@linux.vnet.ibm.com>,
Michal Privoznik <mprivozn@redhat.com>,
Peter Krempa <pkrempa@redhat.com>,
Peter Maydell <peter.maydell@linaro.org>,
David Gibson <david@gibson.dropbear.id.au>,
Laurent Vivier <lvivier@redhat.com>,
Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Subject: Re: [Qemu-devel] [qemu RFC] qapi: add "firmware.json"
Date: Tue, 10 Apr 2018 07:59:14 +0200 [thread overview]
Message-ID: <20180410055914.3ak6niwxjkpph26u@sirius.home.kraxel.org> (raw)
In-Reply-To: <6bfdae78-909f-e7ad-b0f0-25f76dfd81f7@redhat.com>
Hi,
> I threw in "-kernel" because, although it also (usually?) means
> "memory", I expected people would want it separate.
>
> Regarding memory vs. pflash, I thought that these two, combined with the
> access permissions, could cover all of RAM, ROM, and read-only and
> read-write pflash too.
>
> So, "-bios" (-> ROM) boils down to "memory", with write access denied --
> please see the SeaBIOS example near the end.
Hmm, I'm wondering whenever it is useful to model things this way. It's
not like you can actually configure things for -bios seabios.rom or
-kernel uboot.elf. Only pflash allows to actually configure things, and
there are not that many useful combinations. The code needs
Read+Execute. Allowing Write could be useful in theory, to allow the
guest doing firmware updates. But I think nobody actually does that, so
in practice it is fixed. The varstore can have different permissions,
but it's only two useful combinations. Either allow access
unconditionally, or allow access in secure contect (aka smm) only.
cheers,
Gerd
next prev parent reply other threads:[~2018-04-10 5:59 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-07 0:01 [Qemu-devel] [qemu RFC] qapi: add "firmware.json" Laszlo Ersek
2018-04-09 7:26 ` Thomas Huth
2018-04-09 8:19 ` Gerd Hoffmann
2018-04-09 16:50 ` Laszlo Ersek
2018-04-10 6:18 ` Gerd Hoffmann
2018-04-10 9:09 ` Laszlo Ersek
2018-04-10 7:33 ` Thomas Huth
2018-04-10 9:22 ` Laszlo Ersek
2018-04-10 9:32 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:09 ` Daniel P. Berrangé
2018-04-09 16:34 ` Laszlo Ersek
2018-04-10 5:59 ` Gerd Hoffmann [this message]
2018-04-10 9:07 ` Laszlo Ersek
2018-04-10 9:51 ` Gerd Hoffmann
2018-04-10 9:55 ` Daniel P. Berrangé
2018-04-10 12:04 ` Laszlo Ersek
2018-04-10 7:44 ` Thomas Huth
2018-04-10 8:57 ` Laszlo Ersek
2018-04-10 9:05 ` Daniel P. Berrangé
2018-04-10 9:19 ` Thomas Huth
2018-04-10 11:40 ` Laszlo Ersek
2018-04-09 8:08 ` Thomas Huth
2018-04-09 16:42 ` Laszlo Ersek
2018-04-10 6:27 ` Gerd Hoffmann
2018-04-10 9:16 ` Laszlo Ersek
2018-04-10 9:23 ` Daniel P. Berrangé
2018-04-10 10:09 ` Paolo Bonzini
2018-04-10 11:46 ` Laszlo Ersek
2018-04-10 9:26 ` Thomas Huth
2018-04-10 11:53 ` Laszlo Ersek
2018-04-10 9:34 ` Daniel P. Berrangé
2018-04-10 11:57 ` Laszlo Ersek
2018-04-09 8:26 ` Gerd Hoffmann
2018-04-09 16:53 ` Laszlo Ersek
2018-04-09 8:49 ` Daniel P. Berrangé
2018-04-09 17:57 ` Laszlo Ersek
2018-04-10 9:18 ` Daniel P. Berrangé
2018-04-10 11:27 ` Laszlo Ersek
2018-04-10 11:34 ` Daniel P. Berrangé
2018-04-10 11:44 ` Laszlo Ersek
2018-04-10 11:50 ` Daniel P. Berrangé
2018-04-10 11:48 ` Peter Maydell
2018-04-10 11:52 ` Daniel P. Berrangé
2018-04-10 10:20 ` Daniel P. Berrangé
2018-04-10 11:03 ` Daniel P. Berrangé
2018-04-10 11:37 ` Gerd Hoffmann
2018-04-10 12:12 ` Laszlo Ersek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180410055914.3ak6niwxjkpph26u@sirius.home.kraxel.org \
--to=kraxel@redhat.com \
--cc=agraf@suse.de \
--cc=ard.biesheuvel@linaro.org \
--cc=armbru@redhat.com \
--cc=berrange@redhat.com \
--cc=david@gibson.dropbear.id.au \
--cc=dgibson@redhat.com \
--cc=eblake@redhat.com \
--cc=glin@suse.com \
--cc=kchamart@redhat.com \
--cc=lersek@redhat.com \
--cc=libvir-list@redhat.com \
--cc=lvivier@redhat.com \
--cc=mark.cave-ayland@ilande.co.uk \
--cc=mdroth@linux.vnet.ibm.com \
--cc=mprivozn@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=pkrempa@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=thuth@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.