[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Make hvm_fep available to non-debug build as well?



On Tue, Jun 14, 2016 at 12:36:09PM +0100, Andrew Cooper wrote:
> On 14/06/16 11:54, Jan Beulich wrote:
> >>>> On 14.06.16 at 12:47, <wei.liu2@xxxxxxxxxx> wrote:
> >> Andrew and I had a short conversation on IRC about why hvm_fep is only
> >> available to debug build. Here is what he said:
> >>
> >> <andyhhp> liuw: because hvm_fep puts a very large attack surface back
> >>           into the hypervisor
> >> <andyhhp> I intoduced it originally to make it easy to test the
> >>           instruction emulator without requiring a race condition between 
> >> two
> >>           vcpus
> >> <andyhhp> so I guess paranoia is the underlying answer to your question
> >> <andyhhp> there is nothing wrong in principle with making available in
> >>           non-debug builds
> >>
> >> I think I agree with him that in principle it should be possible to
> >> make hvm_fep available to non-debug build. Andrew also suggested a
> >> sync_console style warning, which I think makes sense.
> > Properly documented I'm not heavily opposed (but also not fully
> > convinced of this being a good idea).
> 
> I have had one case where I needed to make FEP available in non-debug
> build, as a bug I was chasing had its repro symptoms disappeared in a
> debug build. 
> (https://github.com/xenserver/xen-4.6.pg/commit/5826deab561dd92efaaeeb222c27184be257fad5
> for those who are interested)
> 
> So long as it is obvious when it is enabled, I am a hesitant +1.
> 

OK, I think I can start writing patch(es) to do that now.

Wei.

> ~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.