[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 14/16] SUPPORT.md: Add statement on PCI passthrough



On 11/16/2017 03:43 PM, Julien Grall wrote:
> Hi George,
> 
> On 13/11/17 15:41, George Dunlap wrote:
>> Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
>> ---
>> CC: Ian Jackson <ian.jackson@xxxxxxxxxx>
>> CC: Wei Liu <wei.liu2@xxxxxxxxxx>
>> CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> CC: Jan Beulich <jbeulich@xxxxxxxx>
>> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
>> CC: Konrad Wilk <konrad.wilk@xxxxxxxxxx>
>> CC: Tim Deegan <tim@xxxxxxx>
>> CC: Rich Persaud <persaur@xxxxxxxxx>
>> CC: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
>> CC: Christopher Clark <christopher.w.clark@xxxxxxxxx>
>> CC: James McKenzie <james.mckenzie@xxxxxxxxxxx>
>> ---
>>   SUPPORT.md | 33 ++++++++++++++++++++++++++++++++-
>>   1 file changed, 32 insertions(+), 1 deletion(-)
>>
>> diff --git a/SUPPORT.md b/SUPPORT.md
>> index 3e352198ce..a8388f3dc5 100644
>> --- a/SUPPORT.md
>> +++ b/SUPPORT.md
>> @@ -454,9 +454,23 @@ there is currently no xl support.
>>     ## Security
>>   +### Driver Domains
>> +
>> +    Status: Supported, with caveats
>> +
>> +"Driver domains" means allowing non-Domain 0 domains
>> +with access to physical devices to act as back-ends.
>> +
>> +See the appropriate "Device Passthrough" section
>> +for more information about security support.
>> +
>>   ### Device Model Stub Domains
>>   -    Status: Supported
>> +    Status: Supported, with caveats
>> +
>> +Vulnerabilities of a device model stub domain
>> +to a hostile driver domain (either compromised or untrusted)
>> +are excluded from security support.
>>     ### KCONFIG Expert
>>   @@ -522,6 +536,23 @@ Virtual Performance Management Unit for HVM guests
>>   Disabled by default (enable with hypervisor command line option).
>>   This feature is not security supported: see
>> http://xenbits.xen.org/xsa/advisory-163.html
>>   +### x86/PCI Device Passthrough
>> +
>> +    Status: Supported, with caveats
>> +
>> +Only systems using IOMMUs will be supported.
>> +
>> +Not compatible with migration, altp2m, introspection, memory sharing,
>> or memory paging.
>> +
>> +Because of hardware limitations
>> +(affecting any operating system or hypervisor),
>> +it is generally not safe to use this feature
>> +to expose a physical device to completely untrusted guests.
>> +However, this feature can still confer significant security benefit
>> +when used to remove drivers and backends from domain 0
>> +(i.e., Driver Domains).
>> +See docs/PCI-IOMMU-bugs.txt for more information.
> 
> Where can I find this file? Is it in staging?

No, I took this from a recommendation made to me, without checking.

Rich, are you going to send a patch adding this file, or did you mean to
point to a different file?

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.