From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from [140.186.70.92] (port=44997 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1P7vrr-0004Aa-LQ for qemu-devel@nongnu.org; Mon, 18 Oct 2010 15:59:36 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1P7vrq-0008DO-Kc for qemu-devel@nongnu.org; Mon, 18 Oct 2010 15:59:35 -0400
Received: from mail-qy0-f173.google.com ([209.85.216.173]:49948) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1P7vrq-0008DE-IO for qemu-devel@nongnu.org; Mon, 18 Oct 2010 15:59:34 -0400
Received: by qyl33 with SMTP id 33so216qyl.4 for ; Mon, 18 Oct 2010 12:59:34 -0700 (PDT)
Message-ID: <4CBCA70D.9030900@codemonkey.ws>
Date: Mon, 18 Oct 2010 14:59:09 -0500
From: Anthony Liguori
MIME-Version: 1.0
Subject: Re: [Qemu-devel] Re: [PATCH 1/2] pci: Automatically patch PCI vendor id and device id in PCI ROM
References: <4CBC6CDB.109@redhat.com> <1287424511-22021-1-git-send-email-weil@mail.berlios.de> <20101018175821.GA27606@redhat.com> <4CBC94FE.5010003@codemonkey.ws> <20101018190325.GB27606@redhat.com> <4CBCA1AB.5010701@mail.berlios.de>
In-Reply-To: <4CBCA1AB.5010701@mail.berlios.de>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
To: Stefan Weil
Cc: QEMU Developers , Gerd Hoffmann , Markus Armbruster , "Michael S. Tsirkin"

On 10/18/2010 02:36 PM, Stefan Weil wrote:
> Maybe a more perfect solution would only patch the preconfigured
> rom files but not user configured files, but I don't think we
> need this degree of perfection.

Generally speaking, patching third-party code is not something that we should get in the habit of doing unless we're very very sure that it's okay and we have as many checks in place as possible to avoid bad things from happening. There are so many bad things that can happen.
If we attempted to support attestation in QEMU and prepopulated a virtual TPM with checksums from the BIOS and ROMs, then when the virtual BIOS attempts to measure itself, if we've patched the ROM underneath it, the measurements will fail. In the very least, if we go this route, it has to be an optional feature.

Regards,

Anthony Liguori

> Regards,
> Stefan
>
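The measurement problem Anthony describes, worked through as an added example that is not part of the thread or of QEMU's own code. It builds a constructed, minimal PCI option ROM image (0x55AA header, pointer at header offset 0x18 to a "PCIR" data structure whose vendor id sits at +4 and device id at +6, as in the PCI Firmware layout), rewrites the ids the way the patch under discussion does, and shows that a reference digest recorded from the original image no longer matches the patched one. The use of the image's last byte as the checksum adjustment byte, the SHA-1 stand-in for the BIOS measurement, and all id values are assumptions of this example.

```python
import hashlib
import struct

# Offset inside the constructed image where the PCI data structure ("PCIR") is placed.
# This is an assumption of the example; real ROMs locate it via the header pointer.
PCIR_OFFSET = 0x40


def build_rom(vendor_id, device_id, size_blocks=1):
    """Construct a minimal option ROM image (not a real ROM) with the given ids."""
    rom = bytearray(512 * size_blocks)
    rom[0:2] = b"\x55\xAA"                       # option ROM signature
    rom[2] = size_blocks                         # image size in 512-byte units
    struct.pack_into("<H", rom, 0x18, PCIR_OFFSET)  # pointer to the PCI data structure
    rom[PCIR_OFFSET:PCIR_OFFSET + 4] = b"PCIR"
    struct.pack_into("<HH", rom, PCIR_OFFSET + 4, vendor_id, device_id)
    struct.pack_into("<H", rom, PCIR_OFFSET + 0x0A, 0x18)  # PCIR structure length
    # Assumed checksum convention: last byte makes the whole image sum to 0 mod 256.
    rom[-1] = (-sum(rom[:-1])) & 0xFF
    return bytes(rom)


def rom_ids(rom):
    """Read (vendor_id, device_id) from the ROM's PCI data structure."""
    pcir = struct.unpack_from("<H", rom, 0x18)[0]
    if rom[pcir:pcir + 4] != b"PCIR":
        raise ValueError("no PCIR structure at header pointer")
    return struct.unpack_from("<HH", rom, pcir + 4)


def patch_ids(rom, vendor_id, device_id):
    """Rewrite vendor/device id in place and re-fix the image checksum.

    This mirrors the idea of the patch being discussed (ids adjusted to match
    the emulated device); it is this example's own code, not QEMU's.
    """
    rom = bytearray(rom)
    pcir = struct.unpack_from("<H", rom, 0x18)[0]
    if rom[pcir:pcir + 4] != b"PCIR":
        raise ValueError("no PCIR structure at header pointer")
    struct.pack_into("<HH", rom, pcir + 4, vendor_id, device_id)
    rom[-1] = (-sum(rom[:-1])) & 0xFF
    return bytes(rom)


def checksum_ok(rom):
    """True when the image bytes sum to zero modulo 256."""
    return sum(rom) & 0xFF == 0


def measure(rom):
    """Stand-in for the BIOS measuring an option ROM into a TPM PCR (SHA-1 of the image)."""
    return hashlib.sha1(rom).hexdigest()


def attestation_passes(rom, reference_digests):
    """Compare the measured digest against the prepopulated reference set."""
    return measure(rom) in reference_digests


if __name__ == "__main__":
    # Constructed ids; any real-looking values here are placeholders.
    original = build_rom(0x1234, 0x1111)
    reference = {measure(original)}           # what a prepopulated virtual TPM would hold
    patched = patch_ids(original, 0xABCD, 0x0002)
    print("original ids:", rom_ids(original), "attests:", attestation_passes(original, reference))
    print("patched  ids:", rom_ids(patched), "attests:", attestation_passes(patched, reference))
```

The image stays internally consistent after patching (signature, PCIR and checksum all still valid), so nothing in the boot path notices; only the externally recorded reference digest disagrees, which is exactly why a BIOS-side measurement cannot coexist with silent ROM rewriting unless the rewriting is optional or the reference is regenerated from the patched bytes.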