
Re: [Xen-devel] Radical proposal: ship not-fully-tidied shim as 4.10.1



On Jan 8, 2018, at 16:44, Anthony Liguori <anthony@xxxxxxxxxxxxx> wrote:

> On Mon, Jan 8, 2018 at 1:01 PM, Rich Persaud <persaur@xxxxxxxxx> wrote:
>
>> On a similarly pragmatic note: would a variation of Anthony's vixen patch series be suitable for pre-PVH Xen 4.6 - 4.9?  These versions are currently documented as security-supported (Oct 2018 - July 2020).
>>
>> There are production environments where upgrading to Xen 4.10 in a timeframe of days or weeks is not practical.
>>
>> Will PCI passthrough for PV guests be supported in any of the solutions that are being considered?  If not, it would be helpful to document this in the Spectre/Meltdown XSA and/or FAQ, including timeline or complexity estimates for the return of security support for Xen PV driver domains.  SUPPORT.md will also need an update.
>
> It's not particularly hard to plumb through, I think.

An earlier discussion [1] suggested that it was feasible but not easy.  This feature is used for device driver (e.g. NIC or USB) domains in OpenXT and Qubes deployments.

> but if you are using PCI passthrough for PV, then you really shouldn't worry about
> Spectre/Meltdown.  That PV guest can already read all of physical
> memory (since no IOMMU is used) and they can also write to all
> physical memory which is far worse than what you can do with
> Spectre/Meltdown.

We may be using different terminology?  OpenXT and Qubes typically require IOMMU for PV driver domains.  XSM can [2] enforce a policy which requires that an IOMMU be present before a driver domain is started.

Rich



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
