[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 3/3] pvh/dom0: whitelist PVH Dom0 ACPI tables



>>> On 13.02.18 at 10:59, <roger.pau@xxxxxxxxxx> wrote:
> On Tue, Feb 13, 2018 at 02:29:08AM -0700, Jan Beulich wrote:
>> >>> On 08.02.18 at 13:25, <roger.pau@xxxxxxxxxx> wrote:
>> > Signed-off-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
>> 
>> A change like this should not come without description, providing a
>> reason for the change. Otherwise how will someone wanting to
>> understand the change in a couple of years actually be able to
>> make any sense of it. This is in particular because I continue to be
>> not fully convinced that white listing is appropriate in the Dom0
>> case (and for the record I'm similarly unconvinced that black listing
>> is the best choice, yet obviously we need to pick on of the two).
> 
> I'm sorry, I thought we agreed at the summit to convert this to
> whitelisting because it was likely better to simply not expose unknown
> ACPI tables to guests.

"to guests" != "to Dom0".

> I guess the commit message could be something like:
> 
> "The following list of whitelisted APIC tables are either known to work
> or don't require any resources to be mapped in either the IO or the
> memory space.

Even if the white listing vs black listing question wasn't still
undecided, I think we should revert the patch in favor of one
with a description. The one above might be fine with "ACPI" in
place of "APIC" as far as tables actively white listed are
concerned, but then it still remains open why certain tables
haven't been included. I'm in particular worried about various
APEI related tables, but invisibility of e.g. an IBFT could also
lead to boot problems.

Andrew - you've acked and committed this, what is your opinion
here?

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.