On Wed, Sep 13, 2017 at 05:28:56PM +0200, Michal Privoznik wrote: > On 09/13/2017 03:54 PM, Stefan Hajnoczi wrote: > > 2. Only allow NVDIMM hotplug if the domain was started with -M > > nvdimm=on. > > > > I think QEMU will not add -M nvdimm=on to the "pc" machine type by > > default since it adds the NVDIMM DSM hardware interface that increases > > the security attack surface. > > So this is the downside. Well, I think all that we are left with is > option 2 then. Or, we can expose nvdimm=on the domain XML (and enable it > by default for any domain that already has a nvdimm device configured). There probably needs to be an explicit nvdimm=on XML element so that domains can be created without NVDIMMs at boot but the ability to hotplug NVDIMMs later. Stefan -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list