On 2012-08-14 15:16, Avi Kivity wrote: > On 08/14/2012 02:01 PM, Jan Kiszka wrote: > >>>> We can also easily automatically disable it when there is insufficient >>>> (<1MB) memory. Will post a patch. >>> >>> Would be nicer if it auto-disables itself, but don't know if the option >>> ROM has access to the memory size. >> >> There is that global ram_size, also used by vmport. Not really nice but >> no precedent. > > I meant do the detection in the guest. But don't respin the patch, it > doesn't really matter and host-side works just as well.
We must not allow the guest to decide over this. Unless I'm misinterpreting something, a malicious guest could still trigger this patching (in non-existent RAM) and crash the host. Jan -- Siemens AG, Corporate Technology, CT RTC ITP SDP-DE Corporate Competence Center Embedded Linux
