
Re: [RFC PATCH] xen/arm: Rebranding dom0less feature


  • To: Rich Persaud <persaur@xxxxxxxxx>
  • From: Luca Fancellu <Luca.Fancellu@xxxxxxx>
  • Date: Mon, 3 Jul 2023 08:15:48 +0000
  • Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Henry Wang <Henry.Wang@xxxxxxx>, Community Manager <community.manager@xxxxxxxxxxxxxx>, Doug Goldstein <cardoe@xxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Christopher Clark <christopher.w.clark@xxxxxxxxx>, Daniel Smith <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Daniel DeGraaf <dgdegra@xxxxxxxxxxxxx>, "openxt@xxxxxxxxxxxxxxxx" <openxt@xxxxxxxxxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Piotr Król <piotr.krol@xxxxxxxxx>
  • Delivery-date: Mon, 03 Jul 2023 08:16:21 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>


> On 1 Jul 2023, at 10:07, Rich Persaud <persaur@xxxxxxxxx> wrote:
> 
> Hi Luca,
> 
> On Jun 30, 2023, at 05:12, Luca Fancellu <luca.fancellu@xxxxxxx> wrote:
>> 
>> 
>> 
>> The "dom0less" feature was intended to be the feature where a domU
>> domain could be launched without the control domain (Dom0)
>> intervention, however the name seems to suggest that Dom0 cannot
>> be part of the configuration, while instead it's a possible use case.

Hi Rich,

> 
> Thanks for your interest in Xen boot integrity. Please see the 2018 domB RFC:
> https://lists.xenproject.org/archives/html/xen-devel/2018-06/msg01306.html
> 
> At Xen Summit 2018 (Nanjing) and Xen Summit 2019 (Chicago), OpenXT 
> contributors made a case to Xen-on-Arm contributors for the architectural 
> unification of incumbent dom0less (Arm) and the domB (x86) proposal for 
> improving Xen boot integrity.
> 
>> To avoid that, rename the "dom0less" configuration with the name
>> "hyperlaunch", that is less misleading.
> 
> 2018-2022 work on Xen launch integrity, thanks to Apertus and Star Lab: 
> https://wiki.xenproject.org/wiki/Hyperlaunch
> https://www.theregister.com/2022/12/16/xen_4_17_hyperlaunch/
> 
> 2023 Hyperlaunch design session last week, thanks to Apertus and AMD:
> https://lists.xenproject.org/archives/html/xen-devel/2023-06/msg01870.html

Thank you for pointing out the history of this huge work, it is very interesting.

> 
>> Signed-off-by: Luca Fancellu <luca.fancellu@xxxxxxx>
> 
> If Arm is now ready to invest engineering resources into new Xen launch 
> integrity features for security and safety-critical use cases, that is 
> exciting news, 5 years into the on-again-off-again bootstrapped Hyperlaunch 
> project! The roadmap would benefit from new funding.

I’m afraid that this patch is not a commitment from Arm to that; that goes 
above my level, I’m afraid, but as part of our community work we look closely at 
that, and I’m personally interested in the path taken by this project.

> 
> Would you like to attend the next Xen working group call for Hyperlaunch?

I think Bertrand is already involved in it, even if unfortunately some high 
priority work sometimes takes precedence.

On my side I follow the work on the ML, specifically the one related to the Arm 
side.

Cheers,
Luca

> 
> Rich



 

