From: Anthony PERARD <anthony.perard@citrix.com>
To: George Dunlap <george.dunlap@citrix.com>
Cc: Stefano Stabellini <sstabellini@kernel.org>,
Wei Liu <wei.liu2@citrix.com>,
Konrad Wilk <konrad.wilk@oracle.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Tim Deegan <tim@xen.org>, Paul Durrant <paul.durrant@citrix.com>,
Jan Beulich <jbeulich@suse.com>,
Ian Jackson <ian.jackson@citrix.com>,
xen-devel@lists.xenproject.org,
Roger Pau Monne <roger.pau@citrix.com>
Subject: Re: [PATCH v3 08/17] SUPPORT.md: Add x86-specific virtual hardware
Date: Mon, 27 Nov 2017 16:43:39 +0000 [thread overview]
Message-ID: <20171127164339.GC2004@perard.uk.xensource.com> (raw)
In-Reply-To: <982fe60b-4a09-2315-79a2-001f6fb98073@citrix.com>
On Mon, Nov 27, 2017 at 04:30:36PM +0000, George Dunlap wrote:
> On 11/27/2017 03:12 PM, Anthony PERARD wrote:
> > On Wed, Nov 22, 2017 at 07:20:15PM +0000, George Dunlap wrote:
> >> x86-specific virtual hardware provided by the hypervisor, toolstack,
> >> or QEMU.
> >>
> >> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
> >> ---
> >> Changes since v2:
> >> - Updated Nested PV / HVM sections
> >> - Removed AVX section
> >> - EFI -> OVMF
> >>
> >> Changes since v1:
> >> - Added emulated QEMU support, to replace docs/misc/qemu-xen-security.
> >>
> >> Need to figure out what to do with the "backing storage image format"
> >> section of that document.
> >>
> >> CC: Ian Jackson <ian.jackson@citrix.com>
> >> CC: Wei Liu <wei.liu2@citrix.com>
> >> CC: Andrew Cooper <andrew.cooper3@citrix.com>
> >> CC: Jan Beulich <jbeulich@suse.com>
> >> CC: Stefano Stabellini <sstabellini@kernel.org>
> >> CC: Konrad Wilk <konrad.wilk@oracle.com>
> >> CC: Tim Deegan <tim@xen.org>
> >> CC: Roger Pau Monne <roger.pau@citrix.com>
> >> CC: Anthony Perard <anthony.perard@citrix.com>
> >> CC: Paul Durrant <paul.durrant@citrix.com>
> >> ---
> >> SUPPORT.md | 105 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> >> 1 file changed, 105 insertions(+)
> >>
> >> diff --git a/SUPPORT.md b/SUPPORT.md
> >> index 96c381fb55..98ed18098a 100644
> >> --- a/SUPPORT.md
> >> +++ b/SUPPORT.md
> >> @@ -373,6 +373,111 @@ but has no xl support.
> >>
> >> Status: Supported
> >>
> >> +## Virtual Hardware, Hypervisor
> >> +
> >> +### x86/Nested PV
> >> +
> >> + Status, x86 Xen HVM: Tech Preview
> >> +
> >> +This means running a Xen hypervisor inside an HVM domain on a Xen system,
> >> +with support for PV L2 guests only
> >> +(i.e., hardware virtualization extensions not provided
> >> +to the guest).
> >> +
> >> +This works, but has performance limitations
> >> +because the L1 dom0 can only access emulated L1 devices.
> >> +
> >> +Xen may also run inside other hypervisors (KVM, Hyper-V, VMWare),
> >> +but nobody has reported on performance.
> >> +
> >> +### x86/Nested HVM
> >> +
> >> + Status, x86 HVM: Experimental
> >> +
> >> +This means providing hardware virtulatization support to guest VMs
> >> +allowing, for instance, a nested Xen to support both PV and HVM guests.
> >> +It also implies support for other hypervisors,
> >> +such as KVM, Hyper-V, Bromium, and so on as guests.
> >> +
> >> +### vPMU
> >> +
> >> + Status, x86: Supported, Not security supported
> >> +
> >> +Virtual Performance Management Unit for HVM guests
> >> +
> >> +Disabled by default (enable with hypervisor command line option).
> >> +This feature is not security supported: see http://xenbits.xen.org/xsa/advisory-163.html
> >> +
> >> +## Virtual Hardware, QEMU
> >> +
> >> +These are devices available in HVM mode using a qemu devicemodel (the default).
> >> +Note that other devices are available but not security supported.
> >> +
> >> +### x86/Emulated platform devices (QEMU):
> >> +
> >> + Status, piix3: Supported
> >> +
> >> +### x86/Emulated network (QEMU):
> >> +
> >> + Status, e1000: Supported
> >> + Status, rtl8193: Supported
> >> + Status, virtio-net: Supported
> >> +
> >> +### x86/Emulated storage (QEMU):
> >> +
> >> + Status, piix3 ide: Supported
> >> + Status, ahci: Supported
> >> +
> >> +### x86/Emulated graphics (QEMU):
> >> +
> >> + Status, cirrus-vga: Supported
> >> + Status, stgvga: Supported
> >> +
> >> +### x86/Emulated audio (QEMU):
> >> +
> >> + Status, sb16: Supported
> >> + Status, es1370: Supported
> >> + Status, ac97: Supported
> >> +
> >> +### x86/Emulated input (QEMU):
> >> +
> >> + Status, usbmouse: Supported
> >> + Status, usbtablet: Supported
> >> + Status, ps/2 keyboard: Supported
> >> + Status, ps/2 mouse: Supported
> >> +
> >> +### x86/Emulated serial card (QEMU):
> >> +
> >> + Status, UART 16550A: Supported
> >> +
> >> +### x86/Host USB passthrough (QEMU):
> >> +
> >> + Status: Supported, not security supported
> >> +
> >> +## Virtual Firmware
> >> +
> >> +### x86/HVM iPXE
> >> +
> >> + Status: Supported, with caveats
> >> +
> >> +Booting a guest via PXE.
> >> +PXE inherently places full trust of the guest in the network,
> >> +and so should only be used
> >> +when the guest network is under the same administrative control
> >> +as the guest itself.
> >> +
> >> +### x86/HVM BIOS
> >> +
> >> + Status: Supported
> >> +
> >> +Booting a guest via guest BIOS firmware
> >
> > Should we mention that the supported BIOS are either SeaBIOS or ROMBIOS
> > like it is done bellow for UEFI?
>
> What about something like this:
>
> ---
> ### x86/HVM BIOS
>
> Status, SeaBIOS (qemu-xen): Supported
> Status, ROMBIOS (qemu-xen-traditional): Supported
>
> Booting a guest via guest BIOS firmware
> ---
>
> Hmm, but that rather implies that we should change OVMF to the following:
>
> ---
> ### x86/HVM OVMF
>
> Status, qemu-xen: Supported
>
> OVMF firmware implements the UEFI boot protocol.
> ---
>
>
> What do you think?
Sounds good to me.
--
Anthony PERARD
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
next prev parent reply other threads:[~2017-11-27 16:43 UTC|newest]
Thread overview: 58+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-22 19:20 [PATCH v3 01/17] Introduce skeleton SUPPORT.md George Dunlap
2017-11-22 19:20 ` [PATCH v3 02/17] SUPPORT.md: Add core functionality George Dunlap
2017-11-23 10:46 ` Jan Beulich
2017-11-22 19:20 ` [PATCH v3 03/17] SUPPORT.md: Add some x86 features George Dunlap
2017-11-23 10:47 ` Jan Beulich
2017-11-22 19:20 ` [PATCH v3 04/17] SUPPORT.md: Add core ARM features George Dunlap
2017-11-23 11:11 ` Julien Grall
2017-11-23 11:13 ` George Dunlap
2017-11-23 11:15 ` Julien Grall
2017-11-22 19:20 ` [PATCH v3 05/17] SUPPORT.md: Toolstack core George Dunlap
2017-11-24 16:26 ` Ian Jackson
2017-11-27 10:27 ` George Dunlap
2017-11-27 11:43 ` Roger Pau Monné
2017-11-27 14:12 ` George Dunlap
2017-11-27 14:39 ` Roger Pau Monné
2017-11-27 14:40 ` George Dunlap
2017-11-27 14:58 ` George Dunlap
2017-11-27 15:02 ` Roger Pau Monné
2017-11-27 14:15 ` George Dunlap
2017-11-27 14:36 ` Roger Pau Monné
2017-11-22 19:20 ` [PATCH v3 06/17] SUPPORT.md: Add scalability features George Dunlap
2017-11-23 10:50 ` Jan Beulich
2017-11-23 16:52 ` George Dunlap
2017-11-23 11:12 ` Julien Grall
2017-11-22 19:20 ` [PATCH v3 07/17] SUPPORT.md: Add virtual devices common to ARM and x86 George Dunlap
2017-11-23 8:50 ` Paul Durrant
2017-11-23 10:59 ` Jan Beulich
2017-11-23 17:02 ` George Dunlap
2017-11-22 19:20 ` [PATCH v3 08/17] SUPPORT.md: Add x86-specific virtual hardware George Dunlap
2017-11-23 11:07 ` Jan Beulich
2017-11-27 15:12 ` Anthony PERARD
2017-11-27 16:30 ` George Dunlap
2017-11-27 16:43 ` Anthony PERARD [this message]
2017-11-22 19:20 ` [PATCH v3 09/17] SUPPORT.md: Add ARM-specific " George Dunlap
2017-11-23 11:14 ` Julien Grall
2017-11-22 19:20 ` [PATCH v3 10/17] SUPPORT.md: Add Debugging, analysis, crash post-portem George Dunlap
2017-11-23 11:15 ` Jan Beulich
2017-11-23 17:08 ` George Dunlap
2017-11-24 8:04 ` Jan Beulich
2017-11-27 14:18 ` George Dunlap
2017-11-22 19:20 ` [PATCH v3 11/17] SUPPORT.md: Add 'easy' HA / FT features George Dunlap
2017-11-22 19:20 ` [PATCH v3 12/17] SUPPORT.md: Add Security-releated features George Dunlap
2017-11-23 11:16 ` Jan Beulich
2017-11-23 17:14 ` George Dunlap
2017-11-22 19:20 ` [PATCH v3 13/17] SUPPORT.md: Add secondary memory management features George Dunlap
2017-11-22 19:20 ` [PATCH v3 14/17] SUPPORT.md: Add statement on PCI passthrough George Dunlap
2017-11-23 11:17 ` Jan Beulich
2017-11-27 14:48 ` George Dunlap
2017-11-27 15:04 ` Jan Beulich
2017-11-27 15:05 ` George Dunlap
2017-11-22 19:20 ` [PATCH v3 15/17] SUPPORT.md: Add statement on migration RFC George Dunlap
2017-11-23 11:19 ` Jan Beulich
2017-11-22 19:20 ` [PATCH v3 16/17] SUPPORT.md: Add limits RFC George Dunlap
2017-11-23 11:21 ` Jan Beulich
2017-11-23 17:21 ` George Dunlap
2017-11-24 8:14 ` Jan Beulich
2017-11-27 14:35 ` George Dunlap
2017-11-22 19:20 ` [PATCH v3 17/17] SUPPORT.md: Miscellaneous additions George Dunlap
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171127164339.GC2004@perard.uk.xensource.com \
--to=anthony.perard@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=george.dunlap@citrix.com \
--cc=ian.jackson@citrix.com \
--cc=jbeulich@suse.com \
--cc=konrad.wilk@oracle.com \
--cc=paul.durrant@citrix.com \
--cc=roger.pau@citrix.com \
--cc=sstabellini@kernel.org \
--cc=tim@xen.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.