[EXT] Re: AMD SEV: confidential autoconf whitelist
On Mon, Sep 15, 2025 at 02:50:14PM +0200, Hans-Jörg Höxer wrote:
> Hi,
>
> On Mon, Sep 15, 2025 at 05:46:32AM -0700, Mike Larkin wrote:
> > >
> > > well, I'd say we all agree that depending on ACPI is problematic.
> > > Mark suggested to try to use the static tables only. As we want to
> > > ignore most of the qemu emulated hardware (in a confidential comp setting)
> > > anyway, this might work good enough. I will look into this.
> > >
> > > For qemu/kvm we need busspace paravirtualization which is not (yet)
> > > supported by vmm and vmd. When using the proposed whitelist diff, we
> > > only attach devices, that work in both settings (qemu and vmm/vmd with
> > > confidentiality enabled; other configurations are not affected anyway).
> > > So this should help us to improve and test both scenarios more easily.
> >
> > So, to recap -
> >
> > 1. you're going to try to use the static tables, and we should see a diff
> > for that at some point
> >
> > 2. we can do the whitelist but not until #1 is done
> >
> > is that right?
>
> I'd say the other way round:
>
> 1. do the whitelist now
>
> 2. improve further by using the static table approach
>
> Take care,
> HJ.

I worry that if we do it in this order, we won't be incentivized to do the
static table stuff. We will end up committing it and not fixing it. Is there
a reason we can't quickly verify that the static table approach works?

-ml