[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] xen: make tracebuffer configurable

To: <george.dunlap@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Fri, 31 May 2019 07:15:22 -0600
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Rich Persaud <persaur@xxxxxxxxx>, Julien Grall <julien.grall@xxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Baodong Chen <chenbaodong@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxx>
Delivery-date: Fri, 31 May 2019 13:15:38 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

>>> On 31.05.19 at 14:58, <George.Dunlap@xxxxxxxxxx> wrote:
>> On May 31, 2019, at 12:10 PM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
>>>>> On 30.05.19 at 12:17, <chenbaodong@xxxxxxxxxx> wrote:
>>> Default: enabled.
>>> Can be disabled for smaller code footprint.
>> 
>> But you're aware that we're, for now at least, trying to limit the
>> number of independently selectable config options? Ones depending
>> on EXPERT are sort of an exception in certain cases.
> 
> I’m trying to remember exactly what we have or haven’t decided.  I take it 
> you think we should avoid having a load of independently-selectable 
> configurations to support?

Yes, that's the main (and perhaps only) reason to limit options with
user visible prompts.

> Baodong, what was your main purpose in adding a patch like this?  Just to 
> make things a bit tidier, or was it to try to go through and generate a far 
> smaller hypervisor codebase (for instance, perhaps to make safety 
> certification more tractable)?
> 
> I think we’ve talked about this before, but our basic options, as far as 
> support, would be:
> 
> 1. Have a single large config option which disabled large swathes of unused 
> functionality

Perhaps this is a worthwhile thing to have anyway.

> 2. Have individual bits configurable, but have only a handful of “security 
> supported” configurations.
> 
> The idea with #2 is that we’d have a “certification” config that we tested 
> and security supported, with all of these individual bits off, as well as 
> “cloud” and “client” configs with all of these “optional” bits on (or some 
> subset on, depending on what each community thought made the most sense for 
> their use cafe).  If people wanted to enable or disable individual config 
> options outside fo those, they’d be taking a risk wrt breakage (not tested) 
> or security issues (no XSA issued unless it affected one of the supported 
> configs).

The one issue with this that I see (besides the implied testing needs,
as generally all or at least most of the possible combinations will need
testing) is that once we have chosen such a "handful", their volume
will likely grow. Plus it may be difficult to come to an agreement what
should or should not be part of this "handful". But sure, we can give
it a try ...

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

References:
- [Xen-devel] [PATCH] xen: make tracebuffer configurable
  - From: Baodong Chen
- Re: [Xen-devel] [PATCH] xen: make tracebuffer configurable
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] xen: make tracebuffer configurable
  - From: George Dunlap

Prev by Date: Re: [Xen-devel] [PATCH v2] xen: remove on-stack cpumask from stop_machine_run()
Next by Date: Re: [Xen-devel] [PATCH 2/2] dom_cow is needed for mem-sharing only
Previous by thread: Re: [Xen-devel] [PATCH] xen: make tracebuffer configurable
Next by thread: [Xen-devel] [PATCH] iommu/arm: add missing return
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.