Hi. During the Xen BoF at Debconf we talked a bit about upstream Xen efforts to deprivilege the qemu device model (used for HVM guests, ie guests which get a full PC emulation).
I mentioned that I gave a talk on this at the Xen Project Developer Summit in Chicago this year and promised to link to the talk materials. So: https://xensummit19.sched.com/event/PFVx/deprivileging-qemu-device-models-ian-jackson-citrix https://static.sched.com/hosted_files/xensummit19/7b/slides.pdf https://static.sched.com/hosted_files/xensummit19/03/talk.txt IDK if there is a video stream available but you can find, roughly, what I said, there in "talk.txt". Ian. -- Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own. If I emailed you from an address @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.