|
|
|
|
|
|
by nolist_policy
607 days ago
|
|
|
OpenHCL is much more interesting than OpenVMM: Tl;Dr: Run the VM with only modern paravirtualized devices, then run OpenHCL inside the VM in ring -1 to emulate legacy devices and the guest os in ring 0 as usual. This is more secure, as the host only exposes paravirtualized devices with reduced attack surface to the guest. While still allowing to run legacy os. |
|
|