Hi, > I threw in "-kernel" because, although it also (usually?) means > "memory", I expected people would want it separate. > > Regarding memory vs. pflash, I thought that these two, combined with the > access permissions, could cover all of RAM, ROM, and read-only and > read-write pflash too. > > So, "-bios" (-> ROM) boils down to "memory", with write access denied -- > please see the SeaBIOS example near the end. Hmm, I'm wondering whenever it is useful to model things this way. It's not like you can actually configure things for -bios seabios.rom or -kernel uboot.elf. Only pflash allows to actually configure things, and there are not that many useful combinations. The code needs Read+Execute. Allowing Write could be useful in theory, to allow the guest doing firmware updates. But I think nobody actually does that, so in practice it is fixed. The varstore can have different permissions, but it's only two useful combinations. Either allow access unconditionally, or allow access in secure contect (aka smm) only. cheers, Gerd -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
