[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 2/2] xen/include/public: deprecate GNTTABOP_transfer


  • To: Julien Grall <julien@xxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Fri, 25 Feb 2022 11:30:58 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=POXQsCTEhKU9rL1NFnJ4gkLf2nr1Wkc69qpMY9fYofg=; b=S0WKZMol6F4xlhM7fTzSa6WhxbO76o2yuCcDjtu6ZqjHPCKw78BptexMx8V3015zzR/MsygjUDcBpBXBZpCAKFmYcQIFotgVLY6pltyOijdGByXXfReuYwdtunKLHXCaf2ynX2qqdElMoJTatInUsBTNUVw7+tgTIdPvBc893j7oAZMZnUUd6+Srzh1U/hSwV7m7XvZ8pVl+NftEzoQdvjLyO5hBlB5AF4TEDhcLbqDJWIDT0w8mLG3Ji0rpbKzkxhVCE03aW21O4hViz4wtQd6Vkc8uFAjQeZ/uT3qgA+vedxDsZOgjTzKHK0fI74XVv2OkBGqfjBAHaia/nUPCnQ==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=WlFtQYSrfYWaaBJpWIpLujZblclFGt0I/VPtLoF/JZ9bpEgxZEmXaBIM+uQgmMIThypZ9i/krpVDhjIW+UtA5RhjtgEg46oige28Ji9Dz1A7wtW7YxyrL+vdZ2L2jT7dg+eVMw7VDb9qUnY6lDBRzl4RuZMns1YB+bO64GXj65ca6YwPJyF0ZtoL/rnrioVaUTXKS3fSyY/DmEj2aq93U/sl3yV8DvchNSJ2mpAfDQlPaeSD6H0a07IC82sAhWyjQXo+1JBCK5kzbU2dOlhxUvZuwt7W6ZV/KKEpP3ajdkUlZyUkOYG2vp3tvloHhnPzXiPeIWWz/1C9jVLEPrh1Tg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, Juergen Gross <jgross@xxxxxxxx>
  • Delivery-date: Fri, 25 Feb 2022 10:31:10 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 25.02.2022 11:24, Julien Grall wrote:
> On 25/02/2022 08:12, Jan Beulich wrote:
>> On 24.02.2022 23:55, Julien Grall wrote:
>>> On 16/02/2022 09:29, Jan Beulich wrote:
>>>> On 16.02.2022 08:20, Juergen Gross wrote:
>>>>> On 15.02.22 22:13, Julien Grall wrote:
>>>>>> As a side note, should we also update SUPPORT.md?
>>>>>
>>>>> Good question.
>>>>
>>>> I'm not sure here either - talking about individual hypercall sub-ops
>>>> seems overly small granularity to me for this kind of doc. Plus I
>>>> don't view deprecation and de-supporting as the same thing. The latter
>>>> would mean to render unsupported any old XenoLinux which may still be
>>>> in use, all of the sudden.
>>>
>>> I understand this would result to unsupport some old OSes (not clear how
>>> old). However, from what Juergen said this feature is untested.
>>>
>>> To me it sound like we are not confident that we could security support
>>> this feature.
>>>
>>> So I am not sure to understand why we only want to deprecate it.
>>
>> Not sure what to say: Rendering unsupported however old guests is not
>> a nice step. Hence my concern (which isn't an outright objection).
> 
> In the past we have removed support for feature we deemed unsafe to use 
> and it would require effort to secure it. This is despite the fact that 
> it may be used in production (e.g. PV devices, qemu trad...).
> 
> So I think the question here is really, do you think we can sensibly 
> security support GNTTABOP_transfer?

I don't think it's a question of "can", but of "are we willing to". It
would be "can" only if we learned of some seemingly very hard to solve
issue. From a workload perspective it would certainly be nice if we
didn't have to think about this anymore. Yet like in certain other
cases, besides the particular item here I'm also worried of setting
a precedent which may then be used to argue for the removal of support
for other operations, just to make our lives easier.

Jan




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.