On 1/13/20 2:01 PM, Andrew Cooper wrote: > On 13/01/2020 13:39, Julien Grall wrote: >> Hi George, >> >> Thank you for summarising the possibility. One question below. >> >> On 13/01/2020 12:51, George Dunlap wrote: >>> 2. Block XENVER_extraversion at the hypervisor level. Leave xen_deny() >>> as returning "<denied>", but replace "<denied>" with "" in hvmloader so >>> it doesn't show up in the System Info and scare users. >>> >>> 3. Block XENVER_extraversion at the hypervisor level. Change xen_deny() >>> to return a more benign string like "<hidden>". (Perhaps also filter it >>> in hvmloader, just for good measure.) >> >> My knowledge of live migration on x86 is a bit limited, but if I >> understand correctly those two options would require a guest to reboot >> in order to pick up the changes. Am I correct? > > Not in the slightest. The content returned changes whenever the > hypervisor changes.
I guess Julien is talking about the filtering done in hvmloader. That filtering is about what's in the guest's ACPI tables; and *that* happens only once at guest boot; so whatever the scary message is in the Windows System Information page (or wherever it is) would stay there until the guest reboots, regardless of which option we go with. -George _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
