[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[xen master] SUPPORT.md: add Dom0less as Supported



commit 8847ec08fd0eecbe3da944fdd49ca3d755e8a9bf
Author:     Stefano Stabellini <sstabellini@xxxxxxxxxx>
AuthorDate: Thu Apr 7 17:10:37 2022 -0700
Commit:     Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
CommitDate: Fri Apr 8 12:36:10 2022 -0700

    SUPPORT.md: add Dom0less as Supported
    
    Add Dom0less to SUPPORT.md to clarify its support status. The feature is
    mature enough and small enough to make it security supported.
    
    Clarify that dom0less DomUs memory is not scrubbed at boot when
    bootscrub=on or bootscrub=off are passed as Xen command line parameters,
    and no XSAs will be issued for that.
    
    Also see XSA-372: 371347c5b64da and fd5dc41ceaed.
    
    Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxx>
    Reviewed-by: Bertrand Marquis <bertrand.marquis@xxxxxxx>
    Acked-by: Julien Grall <jgrall@xxxxxxxxxx>
---
 SUPPORT.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/SUPPORT.md b/SUPPORT.md
index 32fb0aa8de..088dda9561 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -882,6 +882,17 @@ OVMF firmware implements the UEFI boot protocol.
 
     Status, qemu-xen: Supported
 
+## Dom0less
+
+Guest creation from the hypervisor at boot without Dom0 intervention.
+
+    Status, ARM: Supported
+
+Memory of dom0less DomUs is not scrubbed at boot when bootscrub=on or
+bootscrub=off are passed as Xen command line parameters. (Memory should
+be scrubbed with bootscrub=idle.) No XSAs will be issues due to
+unscrubbed memory.
+
 # Format and definitions
 
 This file contains prose, and machine-readable fragments.
--
generated by git-patchbot for /home/xen/git/xen.git#master



 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.