Am 26. August 2025 09:21:25 UTC schrieb Peter Maydell 
<peter.mayd...@linaro.org>:
>On Tue, 8 Jul 2025 at 17:36, Bernhard Beschow <shen...@gmail.com> wrote:
>>
>>
>>
>> Am 30. Juni 2025 21:03:06 UTC schrieb Peter Maydell 
>> <peter.mayd...@linaro.org>:
>> >On Mon, 30 Jun 2025 at 21:22, Bernhard Beschow <shen...@gmail.com> wrote:
>> >>
>> >>
>> >>
>> >> Am 30. Juni 2025 09:09:31 UTC schrieb Peter Maydell 
>> >> <peter.mayd...@linaro.org>:
>> >> >On Sun, 29 Jun 2025 at 21:49, Bernhard Beschow <shen...@gmail.com> wrote:
>> >> >>
>> >> >> Allows the imx8mp-evk machine to be run with KVM acceleration as a 
>> >> >> guest.
>> >> >>
>> >> >> Signed-off-by: Bernhard Beschow <shen...@gmail.com>
>> >> >> ---
>> >> >>  docs/system/arm/imx8mp-evk.rst |  7 +++++++
>> >> >>  hw/arm/fsl-imx8mp.c            | 33 ++++++++++++++++++++++++++++-----
>> >> >>  hw/arm/imx8mp-evk.c            | 11 +++++++++++
>> >> >>  hw/arm/Kconfig                 |  3 ++-
>> >> >>  hw/arm/meson.build             |  2 +-
>> >> >>  5 files changed, 49 insertions(+), 7 deletions(-)
>> >> >
>> >> >This puts a lot of IMX device models onto our security boundary,
>> >> >which makes me a bit nervous -- that's a lot of code which
>> >> >wasn't really written or reviewed carefully to ensure it
>> >> >can't be exploited by a malicious guest.
>> >>
>> >> Hi Peter,
>> >>
>> >> Does KVM increase the attack surface compared to TCG?
>> >
>> >Yes, because our security policy says that TCG is not considered
>> >a security boundary, whereas KVM is:
>> >
>> >https://qemu-project.gitlab.io/qemu/system/security.html
>> >
>> >(It would move from "non-virtualization use case" to
>> >"virtualization use case".)
>>
>> Thanks, that document nails my question.
>>
>> If KVM requires the imx devices to be inside the security boundary, what 
>> needs to be done to lift them there?
>
>Code audit, fuzzing, commitments to maintenance. Basically
>I would strongly prefer not to.

I agree that this is asking for a bit too much, especially volunteers. These 
requirements also seem very related to maintenance status "supported". Can we 
find a way for lowering the bar for KVM support?

Best regards,
Bernhard

>
>-- PMM

Reply via email to