On 27/03/19 14:19, Samuel Ortiz wrote:
> Hi Paolo,
> 
> On Tue, Mar 26, 2019 at 10:07:35AM +0100, Paolo Bonzini wrote:
>> Would separate QEMU binaries be a solution?  I think I am not as opposed
>> to a "q35-lite" machine type these days, I find it preferable to share
>> the northbridge and southbridge with Q35 and just get rid of IDE, VGA,
>> IOAPIC, legacy ISA devices etc.  The chipset would stay the same as q35
>> so that we keep secure boot,
> Excuse my ignorance, but could you explain why the chipset emulation is
> needed for secure boot?

Because currently Secure Boot requires SMM (if you don't have SMM, it is
not really secure because the key database can be overwritten by
untrusted code).  Of course you could add SMM support to your virt PCI
host bridge, and support for your virt PCI host bridge to OVMF.
However, at some point you get into diminishing returns.

The situation is more or less the same as for hotplug.  In that case,
some of the things that ICH9 is doing are still needed even if you get
rid of IOAPIC/INTX, so you still need something that will do those things.
You can pick either the existing ICH9 or a new ACPI hotplug controller,
but the code still has to be there somewhere.

Paolo