All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v3] SUPPORT.md: add Dom0less as Supported
@ 2022-04-08  0:10 Stefano Stabellini
  2022-04-08  0:50 ` Henry Wang
  2022-04-08 17:24 ` Julien Grall
  0 siblings, 2 replies; 5+ messages in thread
From: Stefano Stabellini @ 2022-04-08  0:10 UTC (permalink / raw)
  To: xen-devel
  Cc: sstabellini, julien, andrew.cooper3, george.dunlap, jbeulich, wl

Add Dom0less to SUPPORT.md to clarify its support status. The feature is
mature enough and small enough to make it security supported.

Clarify that dom0less DomUs memory is not scrubbed at boot when
bootscrub=on or bootscrub=off are passed as Xen command line parameters,
and no XSAs will be issued for that.

Also see XSA-372: 371347c5b64da and fd5dc41ceaed.

Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>
Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
---
Changes in v3:
- improve commit messahe
- improve SUPPORT.md statement
- add Bertrand's reviewed-by

Changes in v2:
- clarify memory scrubbing
---

diff --git a/SUPPORT.md b/SUPPORT.md
index 32fb0aa8de..088dda9561 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -882,6 +882,17 @@ OVMF firmware implements the UEFI boot protocol.
 
     Status, qemu-xen: Supported
 
+## Dom0less
+
+Guest creation from the hypervisor at boot without Dom0 intervention.
+
+    Status, ARM: Supported
+
+Memory of dom0less DomUs is not scrubbed at boot when bootscrub=on or
+bootscrub=off are passed as Xen command line parameters. (Memory should
+be scrubbed with bootscrub=idle.) No XSAs will be issues due to
+unscrubbed memory.
+
 # Format and definitions
 
 This file contains prose, and machine-readable fragments.


^ permalink raw reply related	[flat|nested] 5+ messages in thread
* RE: [PATCH v3] SUPPORT.md: add Dom0less as Supported
  2022-04-08  0:10 [PATCH v3] SUPPORT.md: add Dom0less as Supported Stefano Stabellini
@ 2022-04-08  0:50 ` Henry Wang
  2022-04-08 17:19   ` Julien Grall
  2022-04-08 17:24 ` Julien Grall
  1 sibling, 1 reply; 5+ messages in thread
From: Henry Wang @ 2022-04-08  0:50 UTC (permalink / raw)
  To: Stefano Stabellini, xen-devel
  Cc: julien, andrew.cooper3, george.dunlap, jbeulich, wl

Hi Stefano,

> -----Original Message-----
> From: Xen-devel <xen-devel-bounces@lists.xenproject.org> On Behalf Of
> Stefano Stabellini
> Sent: Friday, April 8, 2022 8:11 AM
> To: xen-devel@lists.xenproject.org
> Cc: sstabellini@kernel.org; julien@xen.org; andrew.cooper3@citrix.com;
> george.dunlap@citrix.com; jbeulich@suse.com; wl@xen.org
> Subject: [PATCH v3] SUPPORT.md: add Dom0less as Supported
> 
> Add Dom0less to SUPPORT.md to clarify its support status. The feature is
> mature enough and small enough to make it security supported.
> 
> Clarify that dom0less DomUs memory is not scrubbed at boot when
> bootscrub=on or bootscrub=off are passed as Xen command line parameters,
> and no XSAs will be issued for that.
> 
> Also see XSA-372: 371347c5b64da and fd5dc41ceaed.
> 
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>
> Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
> ---
> Changes in v3:
> - improve commit messahe

For the patch I don't have any comments, but I think here we've got
a typo: s/messahe/message. I think it is ok to fix while committing this
patch so this is just a kind reminder :))

Kind regards,
Henry 



^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH v3] SUPPORT.md: add Dom0less as Supported
  2022-04-08  0:50 ` Henry Wang
@ 2022-04-08 17:19   ` Julien Grall
  2022-04-11  0:59     ` Henry Wang
  0 siblings, 1 reply; 5+ messages in thread
From: Julien Grall @ 2022-04-08 17:19 UTC (permalink / raw)
  To: Henry Wang, Stefano Stabellini, xen-devel
  Cc: andrew.cooper3, george.dunlap, jbeulich, wl

Hi Henry,

On 08/04/2022 01:50, Henry Wang wrote:
>> -----Original Message-----
>> From: Xen-devel <xen-devel-bounces@lists.xenproject.org> On Behalf Of
>> Stefano Stabellini
>> Sent: Friday, April 8, 2022 8:11 AM
>> To: xen-devel@lists.xenproject.org
>> Cc: sstabellini@kernel.org; julien@xen.org; andrew.cooper3@citrix.com;
>> george.dunlap@citrix.com; jbeulich@suse.com; wl@xen.org
>> Subject: [PATCH v3] SUPPORT.md: add Dom0less as Supported
>>
>> Add Dom0less to SUPPORT.md to clarify its support status. The feature is
>> mature enough and small enough to make it security supported.
>>
>> Clarify that dom0less DomUs memory is not scrubbed at boot when
>> bootscrub=on or bootscrub=off are passed as Xen command line parameters,
>> and no XSAs will be issued for that.
>>
>> Also see XSA-372: 371347c5b64da and fd5dc41ceaed.
>>
>> Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>
>> Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>
>> ---
>> Changes in v3:
>> - improve commit messahe
> 
> For the patch I don't have any comments, but I think here we've got
> a typo: s/messahe/message. I think it is ok to fix while committing this
> patch so this is just a kind reminder :))

Anything after --- will be stripped by git am. So there is nothing to 
fix it on commit.

Cheers,

-- 
Julien Grall


^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: [PATCH v3] SUPPORT.md: add Dom0less as Supported
  2022-04-08  0:10 [PATCH v3] SUPPORT.md: add Dom0less as Supported Stefano Stabellini
  2022-04-08  0:50 ` Henry Wang
@ 2022-04-08 17:24 ` Julien Grall
  1 sibling, 0 replies; 5+ messages in thread
From: Julien Grall @ 2022-04-08 17:24 UTC (permalink / raw)
  To: Stefano Stabellini, xen-devel; +Cc: andrew.cooper3, george.dunlap, jbeulich, wl

Hi,

On 08/04/2022 01:10, Stefano Stabellini wrote:
> Add Dom0less to SUPPORT.md to clarify its support status. The feature is
> mature enough and small enough to make it security supported.
> 
> Clarify that dom0less DomUs memory is not scrubbed at boot when
> bootscrub=on or bootscrub=off are passed as Xen command line parameters,
> and no XSAs will be issued for that.
> 
> Also see XSA-372: 371347c5b64da and fd5dc41ceaed.
> 
> Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com>
> Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com>


Acked-by: Julien Grall <jgrall@amazon.com>

Cheers,

-- 
Julien Grall


^ permalink raw reply	[flat|nested] 5+ messages in thread
* RE: [PATCH v3] SUPPORT.md: add Dom0less as Supported
  2022-04-08 17:19   ` Julien Grall
@ 2022-04-11  0:59     ` Henry Wang
  0 siblings, 0 replies; 5+ messages in thread
From: Henry Wang @ 2022-04-11  0:59 UTC (permalink / raw)
  To: Julien Grall, Stefano Stabellini, xen-devel
  Cc: andrew.cooper3, george.dunlap, jbeulich, wl

Hi Julien and Stefano,

> -----Original Message-----
> From: Julien Grall <julien@xen.org>
> >
> > For the patch I don't have any comments, but I think here we've got
> > a typo: s/messahe/message. I think it is ok to fix while committing this
> > patch so this is just a kind reminder :))
> 
> Anything after --- will be stripped by git am. So there is nothing to
> fix it on commit.

Ack, thanks for the reminder. Sorry to Stefano.

Kind regards,
Henry

> 
> Cheers,
> 
> --
> Julien Grall

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-04-11  1:00 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-08  0:10 [PATCH v3] SUPPORT.md: add Dom0less as Supported Stefano Stabellini
2022-04-08  0:50 ` Henry Wang
2022-04-08 17:19   ` Julien Grall
2022-04-11  0:59     ` Henry Wang
2022-04-08 17:24 ` Julien Grall

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.