From mboxrd@z Thu Jan  1 00:00:00 1970
From: Don Slutz <dslutz@verizon.com>
Subject: Re: [PATCH for-4.5 v6 05/16] tools: Add vmware_port
	support
Date: Wed, 24 Sep 2014 14:25:12 -0400
Message-ID: <54230C88.6080207@terremark.com>
References: <1411236447-7435-1-git-send-email-dslutz@verizon.com>	
	<1411236447-7435-6-git-send-email-dslutz@verizon.com>
	<1411393315.18331.104.camel@kazak.uk.xensource.com>
	<54204FA5.7020104@citrix.com> <5420930A.2020300@terremark.com>
	<5422F03B.30900@eu.citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <5422F03B.30900@eu.citrix.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: George Dunlap <george.dunlap@eu.citrix.com>, Don Slutz <dslutz@verizon.com>, Andrew Cooper <andrew.cooper3@citrix.com>, Ian Campbell <Ian.Campbell@citrix.com>
Cc: Tim Deegan <tim@xen.org>, Kevin Tian <kevin.tian@intel.com>, Keir Fraser <keir@xen.org>, Jun Nakajima <jun.nakajima@intel.com>, Stefano Stabellini <stefano.stabellini@eu.citrix.com>, Ian Jackson <ian.jackson@eu.citrix.com>, Eddie Dong <eddie.dong@intel.com>, xen-devel@lists.xen.org, Aravind Gopalakrishnan <Aravind.Gopalakrishnan@amd.com>, Jan Beulich <jbeulich@suse.com>, Boris Ostrovsky <boris.ostrovsky@oracle.com>, Suravee Suthikulpanit <suravee.suthikulpanit@amd.com>
List-Id: xen-devel@lists.xenproject.org


On 09/24/14 12:24, George Dunlap wrote:
> On 09/22/2014 10:22 PM, Don Slutz wrote:
>> On 09/22/14 12:34, Andrew Cooper wrote:
>>> On 22/09/14 14:41, Ian Campbell wrote:
>>>> On Sat, 2014-09-20 at 14:07 -0400, Don Slutz wrote:
>>>>> This new libxl_domain_create_info field is used to set
>>>>> XEN_DOMCTL_CDF_vmware_port for the xc_domain_create() routine.
>>>> Does this really need to be a CDF, rather than a domctl/hvm param?
>>> I have made the argument that many things which are currently HVM 
>>> Params
>>> should be CDF, as they absolutely should be set and immutable for the
>>> entire lifetime of the domain.
>>>
>>>  From recollection, we have had several XSAs in the past which are
>>> directly attributable to the toolstack or guest being able to play with
>>> an (insufficiently locked down) HVM param after boot.
>>>
>>> Using a CDF avoids potential issues along these lines.
>>
>> It also allow setting up v->arch.hvm_vmx.exception_bitmap at
>> the right time.  domctl/hvm params are setup much latter in
>> the life of a domain.
>
> Isn't that already modified on a cr change (a la vmx_update_guest_cr())?
>


The following is not true for my testing:

         if ( (!vmx_unrestricted_guest(v)) &&
              (realmode != v->arch.hvm_vmx.vmx_realmode) )
         {


vmx_unrestricted_guest() is true.

> Or did you mean the SVM side?
>

Also needed there.

> I'm not making an argument either way (although at the moment I'm more 
> sympathetic to Andy's view), just questioning whether setting the exit 
> flag is that much of an argument one way or another.
>

Since Andy and the exit flag are saying the same thing, I do not
care which is a better argument.  (I.E. the way it is coded in this
patch).


    -Don Slutz

>  -George
>