On 11/28/18 19:33, Kevin O'Connor wrote:
On Wed, Nov 28, 2018 at 06:50:50PM +0100, Laszlo Ersek wrote:
On 11/28/18 16:51, Kevin O'Connor wrote:
If we could do it safely that would be fine. My fear is that it introduces a regression. A new config option would be okay, but it doesn't sound like that will help, as it seems that once one narrows down the problem to a bad behaving optionrom, one could just as easily block that optionrom instead..
Do you mean that a "blacklist" should be added (a static array of checksums, of known-bad ROM images)?
If I understand the bugzilla report correctly, it would be possible to avoid this issue by using <rom bar='off'/> in libvirt. It appears the issue is identifying the problem and then there are further issues with changing that config.
Implementing a default blacklist is a thought that I had. If we feel the software we control is working as intended and it is the optionrom that is broken, then perhaps the focus should be on not running that optionrom. (Effectively changing the default to run only known good optionroms on pci passthrough.) I don't think SeaBIOS would be the place to maintain a blacklist/whitelist though, so it's an easy proposal for me to make.. I understand if it is not viable.
So, if I understand correctly:
- doing something generic in SeaBIOS is too risky / heavy-handed, - discriminating individual oproms in SeaBIOS is out of scope.
Well... If we put it like that, I can't say that I disagree. I'll try to carry this over to the RHBZ.
Thanks, Laszlo