[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] SUPPORT.md: extend security support for hosts to 12 TiB of memory
- To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
- From: Jan Beulich <jbeulich@xxxxxxxx>
- Date: Wed, 6 Apr 2022 16:44:30 +0200
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=0bgJSju+vdmXtXwH09gQNY2F0IdkUhfF3FPg22gDVs8=; b=BOkxYeHn1TnOWsd9b5R8m9wxl7lReAXJzVkA0riihBa74xIUg3N1CZu2cU7ObWg5BzYB442eaE6XO8G86J0Stk/SamST7O5BrVHehRJS1ZaIphxeA7qu68JJ0FyRgWix5be0o9tGsPEQSPNzqAMpJN3NIB7UQG5Cym3FKVfthVgML4Kqj+3MfsFvnk1KX4AfxtxAX3jmWbFoTAw2JmXYVixHJ2WLn0OQqnXAJpNq/gBX/8lRyCLD0wcHNy4edDIrnWp5TCiwY3+93dIR87uui0EsFI0mQpWNaiKJGP6Djm5LCpUTjhOyEi1w0xTHEM9iPGzLiAUtdUqklVv7wY8Z8A==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NGF7manSXHSfOWjP/vLdYJmqWCZWfx77J0Xix7ken5zgYZt5d5dq47/7oga+unAZcFJBU6QmN+S/EwaKbhJh8VMgH9UGQ9r1AMiZL+3h6etZy0ppqnnko3fyAM+YbpITIKiAjO6Q2EqxCwbA/EnSM3Tcw8WP/rhLRjIb//JgDfdr08zUn0yEzMkSRg48IIa7w+0Zd7qJDCUCEaarSjgV3DNObUvOxsuQpY7uuRsqOMNoQPA2YblHIN+i0hVwQPJJfqXRGcOAwm6LeqRYkanAx/MzCcANNI78cQhLUJxkg1m5MpI6SD5zUYa6rgod658SlwLQE7za7uQ8FdpK1R0zDA==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
- Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
- Delivery-date: Wed, 06 Apr 2022 14:44:47 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
c49ee0329ff3 ("SUPPORT.md: limit security support for hosts with very
much memory"), as a result of XSA-385, restricted security support to
8 TiB of host memory. Extend this to 12 TiB, putting in place a guest
restriction to 8 TiB in exchange.
A 12 TiB host was certified successfully for use with Xen 4.14 as per
https://www.suse.com/nbswebapp/yesBulletin.jsp?bulletinNumber=150753.
This in particular included running as many guests (2 TiB each) as
possible in parallel, to actually prove that all the memory can be used
like this. It may be relevant to note that the Optane memory there was
used in memory-only mode, with DRAM acting as cache.
Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -50,7 +50,7 @@ For the Cortex A57 r0p0 - r1p1, see Erra
### Physical Memory
- Status: Supported up to 8 TiB
+ Status: Supported up to 12 TiB
Hosts with more memory are supported, but not security supported.
@@ -121,6 +121,14 @@ ARM only has one guest type at the momen
Status: Supported
+## Guest Limits
+
+### Memory
+
+ Status: Supported up to 8 TiB
+
+Guests with more memory are supported, but not security supported.
+
## Hypervisor file system
### Build info
|
