From: Wei Liu <wei.liu2@citrix.com>
To: Jan Beulich <JBeulich@suse.com>,
Andrew Cooper <andrew.cooper3@citrix.com>
Cc: Xen-devel <xen-devel@lists.xenproject.org>,
Wei Liu <wei.liu2@citrix.com>
Subject: Make hvm_fep available to non-debug build as well?
Date: Tue, 14 Jun 2016 11:47:22 +0100 [thread overview]
Message-ID: <20160614104722.GH28116@citrix.com> (raw)
Andrew and I had a short conversation on IRC about why hvm_fep is only
available to debug build. Here is what he said:
<andyhhp> liuw: because hvm_fep puts a very large attack surface back
into the hypervisor
<andyhhp> I intoduced it originally to make it easy to test the
instruction emulator without requiring a race condition between two
vcpus
<andyhhp> so I guess paranoia is the underlying answer to your question
<andyhhp> there is nothing wrong in principle with making available in
non-debug builds
I think I agree with him that in principle it should be possible to
make hvm_fep available to non-debug build. Andrew also suggested a
sync_console style warning, which I think makes sense.
If hvm_fep is enabled, we also should not provide any security support,
because the attack surface is widen. That should be reflected in the
warning message.
I think there is one major benefit for making hvm_fep available to
non-debug build: user can replicate the exact setup in production and
use XTF to test if it is vulnerable to various issues.
My own reason for having hvm_fep for non-debug builds is that would make
integrating it with osstest much easier, and possibly require less
resources from osstest.
I want XTF to run on every flight and gate xen-unstable. Remember that
we switch from debug to non-debug build at some point during release
process -- if hvm_fep is only available to debug build, that would
require some more arrangement to run such tests. We also essentially
test less for non-debug build, which is not very desirable.
Thoughts?
Wei.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next reply other threads:[~2016-06-14 10:47 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-14 10:47 Wei Liu [this message]
2016-06-14 10:54 ` Make hvm_fep available to non-debug build as well? Jan Beulich
2016-06-14 11:36 ` Andrew Cooper
2016-06-15 14:16 ` Wei Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160614104722.GH28116@citrix.com \
--to=wei.liu2@citrix.com \
--cc=JBeulich@suse.com \
--cc=andrew.cooper3@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.