|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [v2][PATCH] xen/vtd/iommu: permit group devices to passthrough in relaxed mode
Need to have separate warning/error level for relax/strict. However I don't think this patch is a right fix. So far relax/strict policy is per-domain. what about one VM specifies relax while another VM specifies strict when each is assigned with a device sharing rmrr with the other? In that case it becomes a system-wide security hole. Once we add code to track group relationship cross domains, it'd be close to the final fix to support group assignment which originally target 4.7. It might be risky to add that in 4.6. Yes. So my suggestion is to live with current limitation. But recently someone was encountering this problem. http://www.gossamer-threads.com/lists/xen/devel/391684?page=last We'd better figure out a simple way to this regression. Thanks Tiejun _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |