[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Dealing with non-existent BDF devices in VT-d and in the hardware.



>>> On 24.03.14 at 03:37, <yang.z.zhang@xxxxxxxxx> wrote:
> Jan Beulich wrote on 2014-03-20:
>>>>> On 20.03.14 at 01:48, "Zhang, Yang Z" <yang.z.zhang@xxxxxxxxx> wrote:
>>> fake a device is a solution. But I am thinking (maybe I am wrong) why
>>> not setup all VT-d entries under a bridge if passing a PCI device under
>>> a bridge. Because when passing a PCI device under a bridge, all devices
>>> under bridge should be assigned to the guest too. What current Xen dose
>>> is only set the entry which has device, so why not extend it to setup
>>> all entries? In this case, there is no user input is required.
>> 
>> You'd have to prove that this doesn't impact isolation/security.
> 
> Yes, this need more deeply think. 
> 
> BTW, do you see any potential issue with doing this?

Not a concrete one - I simply think that security/isolation guarantees
are easier to validate if permissions for a guest are kept to the smallest
possible set. So without full proof of the security of above concept I
think we should accept the new behavior only as an opt-in (via
command line or domain config option).

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.