14 Sep
2017
14 Sep
'17
6:05 p.m.
On Wed, Sep 13, 2017 at 05:28:56PM +0200, Michal Privoznik wrote:
On 09/13/2017 03:54 PM, Stefan Hajnoczi wrote:
2. Only allow NVDIMM hotplug if the domain was started with -M nvdimm=on.
I think QEMU will not add -M nvdimm=on to the "pc" machine type by default since it adds the NVDIMM DSM hardware interface that increases the security attack surface.
So this is the downside. Well, I think all that we are left with is option 2 then. Or, we can expose nvdimm=on the domain XML (and enable it by default for any domain that already has a nvdimm device configured).
There probably needs to be an explicit nvdimm=on XML element so that domains can be created without NVDIMMs at boot but the ability to hotplug NVDIMMs later. Stefan