From mboxrd@z Thu Jan  1 00:00:00 1970
From: George Dunlap <george.dunlap@eu.citrix.com>
Subject: Re: [PATCH 2 of 2] xl,
 libxl: Add per-device and global permissive config options for pci
 passthrough
Date: Mon, 2 Apr 2012 17:56:53 +0100
Message-ID: <4F79DA55.7090706@eu.citrix.com>
References: <patchbomb.1333363655@kodo2>
	<62b1030a2485536caf99.1333363657@kodo2>
	<20345.50129.248371.995505@mariner.uk.xensource.com>
	<4F79C912.9010504@eu.citrix.com>
	<20345.51964.865778.569742@mariner.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <20345.51964.865778.569742@mariner.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
List-Id: xen-devel@lists.xenproject.org

On 02/04/12 16:51, Ian Jackson wrote:
> George Dunlap writes ("Re: [Xen-devel] [PATCH 2 of 2] xl, libxl: Add per-device and global permissive config options for pci passthrough"):
>> I'm not sure how we can make it more definite.  What's possible (i.e.,
>> the security implications) entirely depends on the card; and what's
>> likely (i.e., the stability implications) entirely depends on the card
>> and the driver.  Short of giving a short discourse on the vices of
>> various cards PCI config space (which is entirely inappropriate for a
>> man page, IMHO), I'm not sure what more we can say.
> Is it generally or usually the case that this option will more
> completely expose the host ?
>
>> I thought it was unnecessary to duplicate, but I can do so if you prefer.
> I guess that depends on how strong a statement it is.
>
>>> I think you should consider breakibg out the sysfs writing function
>>> and refactoring with the very similar code in libxl__device_pci_reset,
>>> rather than introducing yet another clone.
>> I shall consider it. :-)
I think for this patch series I'm probably going to leave it; I'll work 
on it when I add the PCI rebinding stuff.  (Otherwise there's the 
possibility I may end up having to refactor it again.)

  -George