On Tue, 11 Oct 2022 at 09:41, Laurent Vivier <laur...@vivier.eu> wrote:
>
> On 03/10/2022 at 13:02, Jason A. Donenfeld wrote:
> > Rather than poking directly into RAM, add the bootinfo block as a proper
> > ROM, so that it's restored when rebooting the system. This way, if the
> > guest corrupts any of the bootinfo items, but then tries to reboot,
> > it'll still be restored back to normal as expected.
> >
> > Then, since the RNG seed needs to be fresh on each boot, regenerate the
> > RNG seed in the ROM when resetting the CPU.
>
> As it's needed to be refreshed, I think it would be better not to use a ROM
> and to regenerate all the bootinfo data on the reset.

I quite liked the use of a rom blob in this patch -- it gets rid of a lot of
direct stl_phys() calls (which is a semi-deprecated API because it ignores
the possibility of failure).

-- PMM