'Re: [qubes-devel] Re: Requirements for PVH stubdoms?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qubes-devel
Subject:    Re: [qubes-devel] Re: Requirements for PVH stubdoms?
From:       Marek =?utf-8?Q?Marczykowski-G=C3=B3recki?= <marmarek () invisiblethingslab ! com>
Date:       2019-06-30 14:13:24
Message-ID: 20190630141324.GA1250 () mail-itl
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Sun, Jun 30, 2019 at 03:32:04PM +0200, HW42 wrote:
> Jean-Philippe Ouellet:
> > Hello,
> > 
> > Just out of curiosity - what would be necessary to be able to switch
> > stubdoms to PVH?
> > 
> > I initially assumed this was probably due to some implicit assumptions
> > of PV mem mgmt in the domctl API or something, but with experimental
> > support for PVH dom0s now, surely that can't be it...
> > 
> > Figured I'd ask here before digging into it, since surely someone is
> > already familiar with much of the relevant context which I am missing
> > (though maybe a Xen list would be more appropriate).
> 
> I think (but did not verified it) that you "just" need to go through all
> the stubdom specific code paths and make the required hypercalls
> available in the PVH case (the hypercall itself plus setup of the
> permissions).
> 
> Yes, a Xen list would be probably the better place. Especially if you
> plan to work on it, I think you should first discuss it there to ensure
> that you do it in a way that upstream likes, and coordinate in case
> there are already existing plans/work for this (no idea if this is the
> case).

In addition to the above:
 - toolstack support (should be relatively trivial)
 - PCI passthrough - stubdomain needs access to PCI config space, as its
   emulation is handled by qemu; in theory it should be fine to use
   pcifront/pciback for that, but those won't be happy without the rest
   of PCI passthrough (interrupts, BAR, DMA etc)

There is experimental work on qubes-devel (by Paul Durrant) on
standalone PCI emulators (no qemu). While not directly solving
stubdomain isssue, it may make stubdomain unnecessary for Linux PVH
domains with PCI devices.

- -- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl0Yw4UACgkQ24/THMrX
1ywUNggAkmAeGSFYM4FGmuUF1foPglHkEyuuGNT62Atil+MID54B/ti2ifP71R4O
oS2XIzRHyfCHx7U+R01p10l1CdJHWkOZCRL/zEPdMOacLT5TJ/UFUqJZEt4FTbf5
v7t8k3+vvONdQZsspOw4A7iK92zhXMGWH2bREA4aZVti3VWnyOFWsveGPMXJz+At
qxMbQbUJkkLJgBiq7nSoPmx1J/yO5nsY1NwX6RpEWVXqkTq9QCSpfZkqgI3Nk/wR
Dst3E4Jle1qb94Yw2Z/LpN4eSQWE+haS4NhJrS9jaws6qWqSM1nqJ8fg5CwUK6Ej
i5hev1WAQrRt3Q0xHtTcCEcPViv5aA==
=dxT1
-----END PGP SIGNATURE-----

-- 
You received this message because you are subscribed to the Google Groups \
"qubes-devel" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to qubes-devel+unsubscribe@googlegroups.com. To post to this group, \
send email to qubes-devel@googlegroups.com. To view this discussion on the web visit \
https://groups.google.com/d/msgid/qubes-devel/20190630141324.GA1250%40mail-itl. For \
more options, visit https://groups.google.com/d/optout.


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic