[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 04/17] vmx: nest: domain and vcpu flags

On Thursday 20 May 2010 11:37:53 Tim Deegan wrote:
> At 10:41 +0100 on 22 Apr (1271932876), Qing He wrote:
> > Introduce a domain create flag to allow user to set availability
> > of nested virtualization.
> > The flag will be used to disable all reporting and function
> > facilities, improving guest security.
> I have the same reservation about this as Christoph's patch: I don't
> think this needs to be a create-time flag - there's no reason it can't
> be enabled or disabled with a domctl after domain creation.  (And of
> course we'll want it to bve the same interface on both SVM and VMX.)

I already reworked that part to use HVM_PARAM_*. It showed up one
caveat: The nestedhvm_enabled() becomes true after p2m_init()
run. So the hap-on-hap code wasn't initialized.
I worked around that by initialising nestedp2m's in p2m_init()
unconditionally of having nestedhvm=1 in the guest config file
or not.


---to satisfy European Law for business letters:
Advanced Micro Devices GmbH
Einsteinring 24, 85609 Dornach b. Muenchen
Geschaeftsfuehrer: Andrew Bowd, Thomas M. McCoy, Giuliano Meroni
Sitz: Dornach, Gemeinde Aschheim, Landkreis Muenchen
Registergericht Muenchen, HRB Nr. 43632

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.