On Thu, Sep 09, 2021 at 01:20:16AM +0200, Philippe Mathieu-Daudé wrote: > Add the AccelClass::secure_policy_supported field to classify > safe (within security boundary) vs unsafe accelerators. > > Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com> > --- > include/qemu/accel.h | 5 +++++ > accel/kvm/kvm-all.c | 1 + > accel/xen/xen-all.c | 1 + > softmmu/vl.c | 3 +++ > 4 files changed, 10 insertions(+) > > diff --git a/include/qemu/accel.h b/include/qemu/accel.h > index 4f4c283f6fc..895e30be0de 100644 > --- a/include/qemu/accel.h > +++ b/include/qemu/accel.h > @@ -44,6 +44,11 @@ typedef struct AccelClass { > hwaddr start_addr, hwaddr size); > #endif > bool *allowed; > + /* > + * Whether the accelerator is withing QEMU security policy boundary.
within > + * See: https://www.qemu.org/contribute/security-process/ > + */ > + bool secure_policy_supported; > /* > * Array of global properties that would be applied when specific > * accelerator is chosen. It works like MachineClass.compat_props -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3266 Virtualization: qemu.org | libvirt.org