[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 14/16] SUPPORT.md: Add statement on PCI passthrough

To: George Dunlap <george.dunlap@xxxxxxxxxx>
From: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 14 Nov 2017 14:25:53 +0100
Cc: James McKenzie <james.mckenzie@xxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Konrad Wilk <konrad.wilk@xxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Christopher Clark <christopher.w.clark@xxxxxxxxx>, Rich Persaud <persaur@xxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 14 Nov 2017 13:26:06 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, Nov 13, 2017 at 03:41:24PM +0000, George Dunlap wrote:
> Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
> ---
> CC: Ian Jackson <ian.jackson@xxxxxxxxxx>
> CC: Wei Liu <wei.liu2@xxxxxxxxxx>
> CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> CC: Jan Beulich <jbeulich@xxxxxxxx>
> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
> CC: Konrad Wilk <konrad.wilk@xxxxxxxxxx>
> CC: Tim Deegan <tim@xxxxxxx>
> CC: Rich Persaud <persaur@xxxxxxxxx>
> CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
> CC: Christopher Clark <christopher.w.clark@xxxxxxxxx>
> CC: James McKenzie <james.mckenzie@xxxxxxxxxxx>
> ---
>  SUPPORT.md | 33 ++++++++++++++++++++++++++++++++-
>  1 file changed, 32 insertions(+), 1 deletion(-)
> 
> diff --git a/SUPPORT.md b/SUPPORT.md
> index 3e352198ce..a8388f3dc5 100644
> --- a/SUPPORT.md
> +++ b/SUPPORT.md

(...)

> @@ -522,6 +536,23 @@ Virtual Performance Management Unit for HVM guests
>  Disabled by default (enable with hypervisor command line option).
>  This feature is not security supported: see 
> http://xenbits.xen.org/xsa/advisory-163.html
>  
> +### x86/PCI Device Passthrough
> +
> +    Status: Supported, with caveats
> +
> +Only systems using IOMMUs will be supported.

s/will be/are/ ?

> +
> +Not compatible with migration, altp2m, introspection, memory sharing, or 
> memory paging.
> +
> +Because of hardware limitations
> +(affecting any operating system or hypervisor),
> +it is generally not safe to use this feature 
> +to expose a physical device to completely untrusted guests.
> +However, this feature can still confer significant security benefit 
> +when used to remove drivers and backends from domain 0
> +(i.e., Driver Domains).
> +See docs/PCI-IOMMU-bugs.txt for more information.
> +
>  ### ARM/Non-PCI device passthrough
>  
>      Status: Supported

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

Attachment: signature.asc
Description: PGP signature

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 14/16] SUPPORT.md: Add statement on PCI passthrough
  - From: George Dunlap

References:
- [Xen-devel] [PATCH 01/16] Introduce skeleton SUPPORT.md
  - From: George Dunlap
- [Xen-devel] [PATCH 14/16] SUPPORT.md: Add statement on PCI passthrough
  - From: George Dunlap

Prev by Date: Re: [Xen-devel] [RFC] [Draft Design v2] ACPI/IORT Support in Xen.
Next by Date: Re: [Xen-devel] [PATCH for-4.10] libs/evtchn: Remove active handler on clean-up or failure
Previous by thread: [Xen-devel] [PATCH 14/16] SUPPORT.md: Add statement on PCI passthrough
Next by thread: Re: [Xen-devel] [PATCH 14/16] SUPPORT.md: Add statement on PCI passthrough
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.