On 02/10/2011 10:07 AM, Gleb Natapov wrote:
So what if it is easier, it doesn't mean it is correct thing to do.
If we spend the next 10 years trying to do the "correct thing" for some
arbitrary definition of correct, that's not terribly useful.
It's really simple actually. Let's do the least clever thing and model
how hardware actual works. Once we have that, we can try to be better
than real hardware (if it's possible).
If all composition is done through a factory interface, it doesn't.
But my main argument here is that we shouldn't try to make all
composition done through a factory interface--only where it makes
sense.
So very concretely, I'm suggesting we do the following to target-i386:
1) make the i440fx device have an embedded ide controller, piix3,
and usb controller that get initialized automatically. The piix3
embeds the PCI-to-ISA bridge along with all of the default ISA
devices (rtc, serial, etc.).
This may be a problem even from security point of view. What if usb code
(ide, serial, parallel) has guest exploitable bug? Currently I can happily
continue running guests if they do not need affected subsystem. If we'll
get it your way I will no longer be able to do so.
qemu -device i440fx,ide=off
If you really care to do this. But this desire to remove devices is
silly IMHO. Concerns about security are misplaced. If you have to
change the way a guest is invoked in order to eliminate security
problems, then there's something seriously wrong.
Regards,
Anthony Liguori
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
