[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH RFC 00/10] x86 passthrough code cleanup

On 2/22/18 11:12 PM, Tian, Kevin wrote:
>> From: Wei Liu
>> Sent: Thursday, February 22, 2018 5:47 AM
>> Hi all
>> At some point I would like to make CONFIG_HVM and CONFIG_PV work.
>> The
>> passthrough code is one of the road blocks for that work.
> Can you elaborate the motivation of this change? why does someone
> want to disable HVM or PV logic completely from hypervisor?

I can say I recall advocating for this at Xen Summit in Cambridge. I
believe I talked about it in Toronto as well. There are a number of
users of Xen that would certainly want to ship without all the code
associated with PV compiled in. Given the nature of design "compromises"
in many parts of x86 systems there is certainly a non-zero sum of people
that would likely utilize the ability to remove code that doesn't need
to be there. I think every individual on this list who has been involved
in the security has been in a room of @intel.com folks has seen features
vs security win out many times.

I don't think its a hard stretch of the imagination to see people
disabling PV in data centers running newer workloads on PVH and HVM
only. I can see the real question being why HVM? That I would say lies
with the direction of discretionary access controls in Xen vs mandatory
access controls. To solve for the lack of functionality we've grown
things like "dmops" and I could certainly see a product like Qubes
running only PVH domains in the future.

Since I picked on Qubes I've CC'd Marek.

Doug Goldstein

Attachment: signature.asc
Description: OpenPGP digital signature

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.