Re: [edk2-devel] separate OVMF binary for TDX? [was: OvmfPkg: Reserve the Secrets and Cpuid page for the SEV-SNP guest]

2021-04-12 Thread Dr. David Alan Gilbert
think also there's a security argument here; some people like to measure security in kloc's; so having your secure boot image as small as possible for the environment you're actually running does make some sense, which favours the 2 image idea. Dave > Thanks > Laszlo -- Dr. David

Re: [edk2-devel] A problem with live migration of UEFI virtual machines

2020-03-02 Thread Dr. David Alan Gilbert
ind people having to maintain old versions of OVMF just to keep variable store compatibility. Dave > Thanks > Laszlo -- Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK

Re: [edk2-devel] A problem with live migration of UEFI virtual machines

2020-02-20 Thread Dr. David Alan Gilbert
ion of the ROM between VMs you want to migrate b) Pad your ROM images to some larger size (e.g. 8MB) so that even if they grow a little bigger then you don't hit the problem. Dave P.S. Please use plain text email Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK

Re: [edk2-devel] privileged entropy sources in QEMU/KVM guests

2019-11-07 Thread Dr. David Alan Gilbert
* Laszlo Ersek (ler...@redhat.com) wrote: > On 11/07/19 11:18, Dr. David Alan Gilbert wrote: > > * Laszlo Ersek (ler...@redhat.com) wrote: > >> Hi, > >> > >> related TianoCore BZ: > >> > >> https://bugzilla.tianocore.org/show_bug.cgi?id=1871

Re: [edk2-devel] privileged entropy sources in QEMU/KVM guests

2019-11-07 Thread Dr. David Alan Gilbert
e wanted -- > for example an exception could be injected unless RDRAND had been > executed from within SMM. Unfortunately, such an arbitrary restriction > (of RDRAND to SMM) would diverge from the Intel SDM, and would likely > break other (non-SMM) guest code. > > Does a platform device