From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
To: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: elena.ufimtseva@oracle.com, wei.liu2@citrix.com,
"Ian Campbell" <ian.campbell@citrix.com>,
andrew.cooper3@citrix.com,
"Stefano Stabellini" <stefano.stabellini@eu.citrix.com>,
ian.jackson@eu.citrix.com, xen-devel@lists.xenproject.org,
"Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [PATCH RFC v1 00/13] Introduce HMV without dm and new boot ABI
Date: Wed, 24 Jun 2015 18:54:08 +0100 [thread overview]
Message-ID: <alpine.DEB.2.02.1506241845060.4360@kaball.uk.xensource.com> (raw)
In-Reply-To: <558ADB1E.2040103@oracle.com>
[-- Attachment #1: Type: text/plain, Size: 874 bytes --]
On Wed, 24 Jun 2015, Boris Ostrovsky wrote:
> On 06/24/2015 09:26 AM, Stefano Stabellini wrote:
> > On Wed, 24 Jun 2015, Roger Pau Monné wrote:
> >
> > > - PCI pass-through.
> > Do we really need PCI pass-through? I see HVMlite mostly useful for
> > Dom0, but also for higher security Linux and BSD guests. If a user wants
> > PCI pass-through, she can always use PV on HVM.
>
> Why is this model not useful for a generic domU? I thought that it should
> eventually become a replacement for what we now have as PVH?
It is useful as generic DomU because it provides a smaller surface of
attack compared to PV on HVM guests. At the same time using PCI
pass-through increases that surface of attack again, decreasing the
value of HVMLite/PVH, at least in my view. But you are right that it
might be nice to have it for feature completeness, if nothing else.
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2015-06-24 17:55 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-22 16:11 [PATCH RFC v1 00/13] Introduce HMV without dm and new boot ABI Roger Pau Monne
2015-06-22 16:11 ` [PATCH RFC v1 01/13] libxc: split x86 HVM setup_guest into smaller logical functions Roger Pau Monne
2015-06-22 16:11 ` [PATCH RFC v1 02/13] libxc: unify xc_dom_p2m_{host/guest} Roger Pau Monne
2015-06-22 16:11 ` [PATCH RFC v1 03/13] libxc: introduce the notion of a container type Roger Pau Monne
2015-06-22 16:11 ` [PATCH RFC v1 04/13] libxc: allow arch_setup_meminit to populate HVM domain memory Roger Pau Monne
2015-06-25 10:29 ` Wei Liu
2015-06-25 10:33 ` Wei Liu
2015-06-22 16:11 ` [PATCH RFC v1 05/13] libxc: introduce a domain loader for HVM guest firmware Roger Pau Monne
2015-06-23 9:29 ` Jan Beulich
2015-06-23 9:36 ` Roger Pau Monné
2015-07-10 19:09 ` Konrad Rzeszutek Wilk
2015-06-22 16:11 ` [PATCH RFC v1 06/13] libxc: introduce a xc_dom_arch for hvm-3.0-x86_32 guests Roger Pau Monne
2015-06-22 16:11 ` [PATCH RFC v1 07/13] libxl: switch HVM domain building to use xc_dom_* helpers Roger Pau Monne
2015-06-22 16:11 ` [PATCH RFC v1 08/13] libxc: remove dead x86 HVM code Roger Pau Monne
2015-06-22 16:11 ` [PATCH RFC v1 09/13] elfnotes: intorduce a new PHYS_ENTRY elfnote Roger Pau Monne
2015-06-23 9:35 ` Jan Beulich
2015-06-23 9:40 ` Roger Pau Monné
2015-06-23 10:01 ` Jan Beulich
2015-06-22 16:11 ` [PATCH RFC v1 10/13] lib{xc/xl}: allow the creation of HVM domains with a kernel Roger Pau Monne
2015-06-25 10:39 ` Wei Liu
2015-06-22 16:11 ` [PATCH RFC v1 11/13] xen/libxl: allow creating HVM guests without a device model Roger Pau Monne
2015-06-23 9:41 ` Jan Beulich
2015-06-22 16:11 ` [PATCH RFC v1 12/13] xen: allow 64bit HVM guests to use XENMEM_memory_map Roger Pau Monne
2015-06-23 9:43 ` Jan Beulich
2015-06-22 16:11 ` [PATCH RFC v1 13/13] xenconsole: try to attach to PV console if HVM fails Roger Pau Monne
2015-06-22 17:55 ` [PATCH RFC v1 00/13] Introduce HMV without dm and new boot ABI Stefano Stabellini
2015-06-22 18:05 ` Konrad Rzeszutek Wilk
2015-06-23 8:14 ` Roger Pau Monné
2015-06-23 10:55 ` Stefano Stabellini
2015-06-23 12:50 ` Ian Campbell
2015-06-23 13:12 ` Stefano Stabellini
2015-06-24 2:45 ` Boris Ostrovsky
2015-06-24 9:47 ` Roger Pau Monné
2015-06-24 10:05 ` Jan Beulich
2015-06-24 10:14 ` Roger Pau Monné
2015-06-24 11:52 ` Boris Ostrovsky
2015-06-24 12:04 ` Roger Pau Monné
2015-06-24 13:36 ` Konrad Rzeszutek Wilk
2015-07-03 16:22 ` Tim Deegan
2015-06-24 13:26 ` Stefano Stabellini
2015-06-24 16:30 ` Boris Ostrovsky
2015-06-24 17:54 ` Stefano Stabellini [this message]
2015-06-23 7:14 ` Roger Pau Monné
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.02.1506241845060.4360@kaball.uk.xensource.com \
--to=stefano.stabellini@eu.citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=boris.ostrovsky@oracle.com \
--cc=elena.ufimtseva@oracle.com \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=roger.pau@citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.