> On Mon, Jan 8, 2018 at 1:01 PM, Rich Persaud <persaur@xxxxxxxxx> wrote:
>> On a similarly pragmatic note: would a variation of Anthony's vixen patch series be suitable for pre-PVH Xen 4.6 - 4.9? These versions are currently documented as security-supported (Oct 2018 - July 2020).
>>
>> There are production environments where upgrading to Xen 4.10 in a timeframe of days or weeks is not practical.
>>
>> Will PCI passthrough for PV guests be supported in any of the solutions that are being considered? If not, it would be helpful to document this in the Spectre/Meltdown XSA and/or FAQ, including timeline or complexity estimates for the return of security support for Xen PV driver domains. SUPPORT.md will also need an update.
> It's not particularly hard to plumb through I think
An earlier discussion [1] suggested that it was feasible but not easy. This feature is used for device driver (e.g. NIC or USB) domains in OpenXT and Qubes deployments.
> but if you are using PCI passthrough for PV, then you really shouldn't worry about
> Spectre/Meltdown. That PV guest can already read all of physical
> memory (since no IOMMU is used) and they can also write to all
> physical memory which is far worse than what you can do with
> Spectre/Meltdown.
We may be using different terminology? OpenXT and Qubes typically require IOMMU for PV driver domains. XSM can [2] enforce a policy which requires that an IOMMU be present before a driver domain is started.
Rich