On Fri, Sep 29, 2017 at 03:07:40PM -0500, Richard Relph wrote: > Depending on your level of paranoia, > that may require advance notice of BIOS changes, or even allowing the GO to > provide the BIOS themselves, written to a spec supported by the CP's HV, > and/or based on BIOS code provided by the CP. BTW this last most secure option is easy to implement with the shim because the shim is using very little in terms of the HV interface. User can then easily build it from source. -- MST -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
