[09/16] SUPPORT.md: Add ARM-specific virtual hardware
diff mbox

Message ID 20171113154126.13038-9-george.dunlap@citrix.com
State New, archived
Headers show

Commit Message

George Dunlap Nov. 13, 2017, 3:41 p.m. UTC
Signed-off-by: George Dunlap <george.dunlap@citrix.com>
---
Do we need to add anything more here?

And do we need to include ARM ACPI for guests?

CC: Ian Jackson <ian.jackson@citrix.com>
CC: Wei Liu <wei.liu2@citrix.com>
CC: Andrew Cooper <andrew.cooper3@citrix.com>
CC: Jan Beulich <jbeulich@suse.com>
CC: Stefano Stabellini <sstabellini@kernel.org>
CC: Konrad Wilk <konrad.wilk@oracle.com>
CC: Tim Deegan <tim@xen.org>
CC: Julien Grall <julien.grall@arm.com>
---
 SUPPORT.md | 10 ++++++++++
 1 file changed, 10 insertions(+)

Comments

Julien Grall Nov. 16, 2017, 3:41 p.m. UTC | #1
Hi George,

On 13/11/17 15:41, George Dunlap wrote:
> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
> ---
> Do we need to add anything more here?
> 
> And do we need to include ARM ACPI for guests?
> 
> CC: Ian Jackson <ian.jackson@citrix.com>
> CC: Wei Liu <wei.liu2@citrix.com>
> CC: Andrew Cooper <andrew.cooper3@citrix.com>
> CC: Jan Beulich <jbeulich@suse.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Konrad Wilk <konrad.wilk@oracle.com>
> CC: Tim Deegan <tim@xen.org>
> CC: Julien Grall <julien.grall@arm.com>
> ---
>   SUPPORT.md | 10 ++++++++++
>   1 file changed, 10 insertions(+)
> 
> diff --git a/SUPPORT.md b/SUPPORT.md
> index b95ee0ebe7..8235336c41 100644
> --- a/SUPPORT.md
> +++ b/SUPPORT.md
> @@ -412,6 +412,16 @@ Virtual Performance Management Unit for HVM guests
>   Disabled by default (enable with hypervisor command line option).
>   This feature is not security supported: see http://xenbits.xen.org/xsa/advisory-163.html
>   
> +### ARM/Non-PCI device passthrough
> +
> +    Status: Supported

Sorry I didn't notice that until now. I am not comfortable to say 
"Supported" without any caveats.

As with PCI device passthrough, you at least need an IOMMU present on 
the platform. Sadly, it does not mean all DMA-capable devices on that 
platform will be protected by the IOMMU. This is also assuming, the 
IOMMU do sane things.

There are potentially other problem coming up with MSI support. But I 
haven't yet fully thought about it.

> +
> +### ARM: 16K and 64K page granularity in guests
> +
> +    Status: Supported, with caveats
> +
> +No support for QEMU backends in a 16K or 64K domain.
> +
>   ## Virtual Hardware, QEMU
>   
>   These are devices available in HVM mode using a qemu devicemodel (the default).
> 

Cheers,
Julien Grall Nov. 16, 2017, 3:41 p.m. UTC | #2
Hi George,

On 13/11/17 15:41, George Dunlap wrote:
> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
> ---
> Do we need to add anything more here?
> 
> And do we need to include ARM ACPI for guests?

I don't have any opinion here. However, if we decide to include, then we 
should also include Device-Tree.

> 
> CC: Ian Jackson <ian.jackson@citrix.com>
> CC: Wei Liu <wei.liu2@citrix.com>
> CC: Andrew Cooper <andrew.cooper3@citrix.com>
> CC: Jan Beulich <jbeulich@suse.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Konrad Wilk <konrad.wilk@oracle.com>
> CC: Tim Deegan <tim@xen.org>
> CC: Julien Grall <julien.grall@arm.com>
> ---
>   SUPPORT.md | 10 ++++++++++
>   1 file changed, 10 insertions(+)
> 
> diff --git a/SUPPORT.md b/SUPPORT.md
> index b95ee0ebe7..8235336c41 100644
> --- a/SUPPORT.md
> +++ b/SUPPORT.md
> @@ -412,6 +412,16 @@ Virtual Performance Management Unit for HVM guests
>   Disabled by default (enable with hypervisor command line option).
>   This feature is not security supported: see http://xenbits.xen.org/xsa/advisory-163.html
>   
> +### ARM/Non-PCI device passthrough
> +
> +    Status: Supported
> +
> +### ARM: 16K and 64K page granularity in guests
> +
> +    Status: Supported, with caveats
> +
> +No support for QEMU backends in a 16K or 64K domain.
> +
>   ## Virtual Hardware, QEMU
>   
>   These are devices available in HVM mode using a qemu devicemodel (the default).
>
George Dunlap Nov. 22, 2017, 4:32 p.m. UTC | #3
On 11/16/2017 03:41 PM, Julien Grall wrote:
> Hi George,
> 
> On 13/11/17 15:41, George Dunlap wrote:
>> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
>> ---
>> Do we need to add anything more here?
>>
>> And do we need to include ARM ACPI for guests?
>>
>> CC: Ian Jackson <ian.jackson@citrix.com>
>> CC: Wei Liu <wei.liu2@citrix.com>
>> CC: Andrew Cooper <andrew.cooper3@citrix.com>
>> CC: Jan Beulich <jbeulich@suse.com>
>> CC: Stefano Stabellini <sstabellini@kernel.org>
>> CC: Konrad Wilk <konrad.wilk@oracle.com>
>> CC: Tim Deegan <tim@xen.org>
>> CC: Julien Grall <julien.grall@arm.com>
>> ---
>>   SUPPORT.md | 10 ++++++++++
>>   1 file changed, 10 insertions(+)
>>
>> diff --git a/SUPPORT.md b/SUPPORT.md
>> index b95ee0ebe7..8235336c41 100644
>> --- a/SUPPORT.md
>> +++ b/SUPPORT.md
>> @@ -412,6 +412,16 @@ Virtual Performance Management Unit for HVM guests
>>   Disabled by default (enable with hypervisor command line option).
>>   This feature is not security supported: see
>> http://xenbits.xen.org/xsa/advisory-163.html
>>   +### ARM/Non-PCI device passthrough
>> +
>> +    Status: Supported
> 
> Sorry I didn't notice that until now. I am not comfortable to say
> "Supported" without any caveats.
> 
> As with PCI device passthrough, you at least need an IOMMU present on
> the platform. Sadly, it does not mean all DMA-capable devices on that
> platform will be protected by the IOMMU. This is also assuming, the
> IOMMU do sane things.
> 
> There are potentially other problem coming up with MSI support. But I
> haven't yet fully thought about it.

Shall we make this simply, 'Not security supported' for now?

I'll also mention needing an SMMU and other caveats.

 -George

Patch
diff mbox

diff --git a/SUPPORT.md b/SUPPORT.md
index b95ee0ebe7..8235336c41 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -412,6 +412,16 @@  Virtual Performance Management Unit for HVM guests
 Disabled by default (enable with hypervisor command line option).
 This feature is not security supported: see http://xenbits.xen.org/xsa/advisory-163.html
 
+### ARM/Non-PCI device passthrough
+
+    Status: Supported
+
+### ARM: 16K and 64K page granularity in guests
+
+    Status: Supported, with caveats
+
+No support for QEMU backends in a 16K or 64K domain.
+
 ## Virtual Hardware, QEMU
 
 These are devices available in HVM mode using a qemu devicemodel (the default).