On 05/07/2023 14.46, Claudio Imbrenda wrote:
On Wed, 5 Jul 2023 13:26:32 +0100 Daniel P. Berrangé <berrange@redhat.com> wrote:
[...]
I rather think mgmt apps need to explicitly opt-in to async teardown, so they're aware that they need to take account of delayed RAM availablity in their accounting / guest placement logic.
what would you think about enabling it by default only for guests that are capable to run in Secure Execution mode?
IIUC, that's basically /all/ guests if running on new enough hardware with prot_virt=1 enabled on the host OS, so will still present challenges to mgmt apps needing to be aware of this behaviour AFAICS.
I think there is some fencing still? I don't think it's automatic
Could we maybe enable it by default if the user specified the <launchSecurity type='s390-pv'/> tag? Thomas