[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer

To: Jan Beulich <jbeulich@xxxxxxxx>
From: Julien Grall <julien@xxxxxxx>
Date: Fri, 25 Feb 2022 10:24:51 +0000
Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Juergen Gross <jgross@xxxxxxxx>
Delivery-date: Fri, 25 Feb 2022 10:25:10 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi,

On 25/02/2022 08:12, Jan Beulich wrote:

On 24.02.2022 23:55, Julien Grall wrote:

On 16/02/2022 09:29, Jan Beulich wrote:

On 16.02.2022 08:20, Juergen Gross wrote:

On 15.02.22 22:13, Julien Grall wrote:

As a side note, should we also update SUPPORT.md?


Good question.


I'm not sure here either - talking about individual hypercall sub-ops
seems overly small granularity to me for this kind of doc. Plus I
don't view deprecation and de-supporting as the same thing. The latter
would mean to render unsupported any old XenoLinux which may still be
in use, all of the sudden.


I understand this would result to unsupport some old OSes (not clear how
old). However, from what Juergen said this feature is untested.

To me it sound like we are not confident that we could security support
this feature.

So I am not sure to understand why we only want to deprecate it.


Not sure what to say: Rendering unsupported however old guests is not
a nice step. Hence my concern (which isn't an outright objection).

In the past we have removed support for feature we deemed unsafe to useand it would require effort to secure it. This is despite the fact thatit may be used in production (e.g. PV devices, qemu trad...).

So I think the question here is really, do you think we can sensiblysecurity support GNTTABOP_transfer?


Cheers,

--
Julien Grall

Follow-Ups:
- Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
  - From: Jan Beulich

References:
- [PATCH v2 1/2] xen: add option to disable GNTTABOP_transfer
  - From: Juergen Gross
- [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
  - From: Juergen Gross
- Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
  - From: Julien Grall
- Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
  - From: Juergen Gross
- Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
  - From: Jan Beulich
- Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
  - From: Julien Grall
- Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
  - From: Jan Beulich

Prev by Date: Re: [PATCH 2/2] xen/spinlock: merge recurse_cpu and debug.cpu fields in struct spinlock
Next by Date: Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
Previous by thread: Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
Next by thread: Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.