Xen project Mailing List

Re: [PATCH v2] SUPPORT.md: extend security support for x86 hosts to 12 TiB of memory

To: Jan Beulich <jbeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Julien Grall <julien@xxxxxxx>

Date: Wed, 25 May 2022 11:58:23 +0100

Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>

Delivery-date: Wed, 25 May 2022 10:58:31 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Jan, On 25/05/2022 10:21, Jan Beulich wrote:

c49ee0329ff3 ("SUPPORT.md: limit security support for hosts with very
much memory"), as a result of XSA-385, restricted security support to
8 TiB of host memory. While subsequently further restricted for Arm,
extend this to 12 TiB on x86, putting in place a guest restriction to
8 TiB (or yet less for Arm) in exchange.

A 12 TiB x86 host was certified successfully for use with Xen 4.14 as
per https://www.suse.com/nbswebapp/yesBulletin.jsp?bulletinNumber=150753.
This in particular included running as many guests (2 TiB each) as
possible in parallel, to actually prove that all the memory can be used
like this. It may be relevant to note that the Optane memory there was
used in memory-only mode, with DRAM acting as cache.

Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
---
v2: Rebase over new host limits for Arm. Refine new guest values for
     Arm.

--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -50,7 +50,7 @@ For the Cortex A57 r0p0 - r1p1, see Erra

### Physical Memory- Status, x86: Supported up to 8 TiB. Hosts with more memory are supported, but not security supported.

+    Status, x86: Supported up to 12 TiB. Hosts with more memory are supported, 
but not security supported.
      Status, Arm32: Supported up to 12 GiB
      Status, Arm64: Supported up to 2 TiB

@@ -121,6 +121,17 @@ ARM only has one guest type at the momenStatus: Supported+## Guest Limits

+
+### Memory
+
+    Status, x86: Supported up to 8 TiB
+    Status, Arm64: Supported up to 1 TiB
+    Status, Arm32: Supported up to 32 GiB

IIRC, the max the architecture would allow us is 16 Gib. Here we are

limited with how much physical memory is supported by Xen. So this wants

to be 12 GiB.

+
+Guests with more memory, but less than 16 TiB, are supported,
+but not security supported.

On Arm32, we definitely can't support up to 16 TiB. On Arm64, we would

need some work to support it. So I would move this sentence in the

"Status, x86" section.

Cheers, -- Julien Grall

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.