From mboxrd@z Thu Jan  1 00:00:00 1970
From: Ian Campbell <ian.campbell@citrix.com>
Subject: Re: Xen 4.1.x security support
Date: Tue, 17 Sep 2013 21:46:39 +0100
Message-ID: <1379450799.11304.205.camel@hastur.hellion.org.uk>
References: <52377FC0.6000302@invisiblethingslab.com>
	<5238172E02000078000F3DBB@nat28.tlf.novell.com>
	<52389387.10008@invisiblethingslab.com>
	<52389516.7020905@invisiblethingslab.com>
	<1379445486.11304.195.camel@hastur.hellion.org.uk>
	<5238B3AA.3090805@invisiblethingslab.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
In-Reply-To: <5238B3AA.3090805@invisiblethingslab.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Joanna Rutkowska <joanna@invisiblethingslab.com>
Cc: Marek =?ISO-8859-1?Q?Marczykowski-G=F3recki?= <marmarek@invisiblethingslab.com>, Jan Beulich <JBeulich@suse.com>, "xen-devel@lists.xen.org" <xen-devel@lists.xen.org>
List-Id: xen-devel@lists.xenproject.org

On Tue, 2013-09-17 at 21:55 +0200, Joanna Rutkowska wrote:
> On 09/17/13 21:18, Ian Campbell wrote:
> My point was that you should be adding very few features or none at all,
> keep the hypervisor as simple as possible, do not change the management
> stack all the time, etc.

I think "all the time" is a gross exaggeration TBH.

>  Otherwise it makes it difficult for other
> projects/products who use Xen to catch up. What version does Xen Client
> use, BTW?

I don't know. I'm not sure why you think I would.

> Really, who needs nested virtualization, or XSM -- these are of pure
> academic interest and only make the hypervisor unnecessary bloated, IMO.

Well, that's *your* opinion.

BTW if you want a version of Xen without those things to continue to be
supported then you are very welcome to volunteer to take over
maintenance of the 4.0 (or any, I don't know how far back you'd need to
go to predate XSM for example) stable branch once xen.org support runs
out.

> Why not keep everything that is not "core" as separate repos/projects,
> conditionally compiled/linked with the core hypervisor?

Because that would be an unmanageable nightmare for everyone involved?

> When a hypervisor gets too complex it suddenly looses all its appeal
> over a traditional kernel, doesn't it?

TBH I think you are either focused on only your own needs/requirements
or maybe you are just trolling, in which case I sadly appear to have
fallen for it. In any case I don't think I'll bother reading the rest of
this thread.

Ian.