All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Jürgen Groß" <jgross@suse.com>
To: Rich Persaud <persaur@gmail.com>
Cc: "Jason Andryuk" <jandryuk@gmail.com>,
	"Daniel Smith" <dpsmith@apertussolutions.com>,
	"Stefano Stabellini" <sstabellini@kernel.org>,
	"Marek Marczykowski-Górecki" <marmarek@invisiblethingslab.com>,
	xen-devel@lists.xenproject.org,
	"Lars Kurth" <lars.kurth@citrix.com>,
	"Kevin Tian" <kevin.tian@intel.com>,
	"Julien Grall" <julien@xen.org>,
	"Konrad Rzeszutek Wilk" <konrad.wilk@oracle.com>,
	"Christopher Clark" <christopher.w.clark@gmail.com>,
	"Dario Faggioli" <dfaggioli@suse.com>,
	"Jun Nakajima" <jun.nakajima@intel.com>, "Wei Liu" <wl@xen.org>,
	"George Dunlap" <George.Dunlap@eu.citrix.com>,
	"Andrew Cooper" <Andrew.Cooper3@citrix.com>,
	"Paul Durrant" <pdurrant@amazon.com>,
	"Ian Jackson" <Ian.Jackson@eu.citrix.com>,
	"Lukasz Hawrylko" <lukasz.hawrylko@linux.intel.com>,
	"Daniel De Graaf" <dgdegra@tycho.nsa.gov>,
	"Volodymyr Babchuk" <volodymyr_babchuk@epam.com>,
	"Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [Xen-devel] [PATCH v3 0/9] Add hypervisor sysfs-like support
Date: Mon, 27 Jan 2020 06:37:50 +0100	[thread overview]
Message-ID: <0403a954-0eb8-177d-45ae-1d303afeaaa0@suse.com> (raw)
In-Reply-To: <66250848-8C98-4A7E-BA33-986A892BFD31@gmail.com>

On 26.01.20 23:05, Rich Persaud wrote:
> On Jan 21, 2020, at 03:45, Juergen Gross <jgross@suse.com> wrote:
>>
>> On the 2019 Xen developer summit there was agreement that the Xen
>> hypervisor should gain support for a hierarchical name-value store
>> similar to the Linux kernel's sysfs.
> 
> Is there a short summary of the most recent use cases for this feature and expected interactions with other Xen features (e.g. Panopticon Xen, security controls on information that is visible to guests, e.g. recent discussion on version number hiding). This would impact many subsystems.

In the first run access is permitted to dom0 only. Access to other
guests needs to be discussed.

Current use cases are just the buildinfo leafs including the .config
of the hypervisor, plus reading and writing runtime parameters.

I'd like to add per-cpupool parameters (like SMT per cpupool,
scheduling granularity) and maybe per-domain ones (e.g. mitigation
settings). Another area to cover would be debugging interfaces like
lock profiling, performance counters, ...

> Presumably Kconfig could enable/disable this optional feature and all dependencies, and the Xen toolstack would continue to function normally in its absence.

I'd rather go the other way round: have a detailed look which current
privileged interfaces (domctl, sysctl) can be replaced by the file
system and switch over to it with (where necessary) fine grained
access control. I think this is something to discuss at the next Xen
summit in summer (I have already registered a session for that
purpose).


Juergen


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel

      reply	other threads:[~2020-01-27  5:38 UTC|newest]

Thread overview: 42+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-21  8:43 [Xen-devel] [PATCH v3 0/9] Add hypervisor sysfs-like support Juergen Gross
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 1/9] xen: add a generic way to include binary files as variables Juergen Gross
2020-02-03 13:39   ` Jan Beulich
2020-02-03 14:02     ` Jürgen Groß
2020-02-03 15:18       ` Jan Beulich
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 2/9] xen: split parameter related definitions in own header file Juergen Gross
2020-01-21 13:00   ` Julien Grall
2020-01-21 13:28     ` Jürgen Groß
2020-01-21 13:31       ` Julien Grall
2020-01-22  1:34   ` Dario Faggioli
2020-01-22 11:28   ` Durrant, Paul
2020-01-22 16:49   ` Jan Beulich
2020-02-03  5:37   ` Tian, Kevin
2020-02-03 12:13   ` Jan Beulich
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 3/9] docs: add feature document for Xen hypervisor sysfs-like support Juergen Gross
2020-01-21 13:14   ` Julien Grall
2020-01-21 14:17     ` Jürgen Groß
2020-02-03 10:29       ` Julien Grall
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 4/9] xen: add basic hypervisor filesystem support Juergen Gross
2020-01-31 15:50   ` Wei Liu
2020-02-03  9:12     ` Jürgen Groß
2020-02-03 15:07   ` Jan Beulich
2020-02-04  6:43     ` Jürgen Groß
2020-02-04  8:48       ` Jan Beulich
2020-02-04  9:21         ` Jürgen Groß
2020-02-04  9:58           ` Jan Beulich
2020-02-04 10:48             ` Jürgen Groß
2020-02-04 11:28               ` Jan Beulich
2020-02-04 11:38                 ` Jürgen Groß
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 5/9] libs: add libxenhypfs Juergen Gross
2020-01-31 15:57   ` Wei Liu
2020-02-03  9:14     ` Jürgen Groß
2020-06-03  6:10       ` Olaf Hering
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 6/9] tools: add xenfs tool Juergen Gross
2020-01-31 15:59   ` Wei Liu
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 7/9] xen: provide version information in hypfs Juergen Gross
2020-02-03 17:02   ` Jan Beulich
2020-02-04  6:44     ` Jürgen Groß
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 8/9] xen: add /buildinfo/config entry to hypervisor filesystem Juergen Gross
2020-01-21  8:43 ` [Xen-devel] [PATCH v3 9/9] xen: add runtime parameter access support to hypfs Juergen Gross
2020-01-26 22:05 ` [Xen-devel] [PATCH v3 0/9] Add hypervisor sysfs-like support Rich Persaud
2020-01-27  5:37   ` Jürgen Groß [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0403a954-0eb8-177d-45ae-1d303afeaaa0@suse.com \
    --to=jgross@suse.com \
    --cc=Andrew.Cooper3@citrix.com \
    --cc=George.Dunlap@eu.citrix.com \
    --cc=Ian.Jackson@eu.citrix.com \
    --cc=christopher.w.clark@gmail.com \
    --cc=dfaggioli@suse.com \
    --cc=dgdegra@tycho.nsa.gov \
    --cc=dpsmith@apertussolutions.com \
    --cc=jandryuk@gmail.com \
    --cc=julien@xen.org \
    --cc=jun.nakajima@intel.com \
    --cc=kevin.tian@intel.com \
    --cc=konrad.wilk@oracle.com \
    --cc=lars.kurth@citrix.com \
    --cc=lukasz.hawrylko@linux.intel.com \
    --cc=marmarek@invisiblethingslab.com \
    --cc=pdurrant@amazon.com \
    --cc=persaur@gmail.com \
    --cc=roger.pau@citrix.com \
    --cc=sstabellini@kernel.org \
    --cc=volodymyr_babchuk@epam.com \
    --cc=wl@xen.org \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.