| Message ID | 20171113154126.13038-12-george.dunlap@citrix.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Mon, Nov 13, 2017 at 03:41:22PM +0000, George Dunlap wrote: > With the exception of driver domains, which depend on PCI passthrough, > and will be introduced later. > > Signed-off-by: George Dunlap <george.dunlap@citrix.com> > --- > CC: Ian Jackson <ian.jackson@citrix.com> > CC: Wei Liu <wei.liu2@citrix.com> > CC: Andrew Cooper <andrew.cooper3@citrix.com> > CC: Jan Beulich <jbeulich@suse.com> > CC: Stefano Stabellini <sstabellini@kernel.org> > CC: Konrad Wilk <konrad.wilk@oracle.com> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> [the livepatching part] > CC: Tim Deegan <tim@xen.org> > CC: Tamas K Lengyel <tamas.lengyel@zentific.com> > CC: Rich Persaud <persaur@gmail.com> > --- > SUPPORT.md | 34 ++++++++++++++++++++++++++++++++++ > 1 file changed, 34 insertions(+) > > diff --git a/SUPPORT.md b/SUPPORT.md > index 722a29fec5..0f7426593e 100644 > --- a/SUPPORT.md > +++ b/SUPPORT.md > @@ -421,6 +421,40 @@ there is currently no xl support. > > Status: Supported > > +## Security > + > +### Device Model Stub Domains > + > + Status: Supported > + > +### KCONFIG Expert > + > + Status: Experimental > + > +### Live Patching > + > + Status, x86: Supported > + Status, ARM: Experimental > + > +Compile time disabled for ARM > + > +### Virtual Machine Introspection > + > + Status, x86: Supported, not security supported > + > +### XSM & FLASK > + > + Status: Experimental > + > +Compile time disabled > + > +### FLASK default policy > + > + Status: Experimental > + > +The default policy includes FLASK labels and roles for a "typical" Xen-based system > +with dom0, driver domains, stub domains, domUs, and so on. > + > ## Virtual Hardware, Hypervisor > > ### x86/Nested PV > -- > 2.15.0 >
>>> On 13.11.17 at 16:41, <george.dunlap@citrix.com> wrote: > With the exception of driver domains, which depend on PCI passthrough, > and will be introduced later. > > Signed-off-by: George Dunlap <george.dunlap@citrix.com> Shouldn't we also explicitly exclude tool stack disaggregation here, with reference to XSA-77? Jan
On 11/21/2017 08:52 AM, Jan Beulich wrote: >>>> On 13.11.17 at 16:41, <george.dunlap@citrix.com> wrote: >> With the exception of driver domains, which depend on PCI passthrough, >> and will be introduced later. >> >> Signed-off-by: George Dunlap <george.dunlap@citrix.com> > > Shouldn't we also explicitly exclude tool stack disaggregation here, > with reference to XSA-77? Well in this document, we already consider XSM "experimental"; that would seem to subsume the specific exclusions listed in XSA-77. I've modified the "XSM & FLASK" as below; let me know what you think. The other option would be to make separate entries for specific uses of XSM (i.e., "for simple domain restriction" vs "for domain disaggregation"). -George ### XSM & FLASK Status: Experimental Compile time disabled. Also note that using XSM to delegate various domain control hypercalls to particular other domains, rather than only permitting use by dom0, is also specifically excluded from security support for many hypercalls. Please see XSA-77 for more details.
diff --git a/SUPPORT.md b/SUPPORT.md index 722a29fec5..0f7426593e 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -421,6 +421,40 @@ there is currently no xl support. Status: Supported +## Security + +### Device Model Stub Domains + + Status: Supported + +### KCONFIG Expert + + Status: Experimental + +### Live Patching + + Status, x86: Supported + Status, ARM: Experimental + +Compile time disabled for ARM + +### Virtual Machine Introspection + + Status, x86: Supported, not security supported + +### XSM & FLASK + + Status: Experimental + +Compile time disabled + +### FLASK default policy + + Status: Experimental + +The default policy includes FLASK labels and roles for a "typical" Xen-based system +with dom0, driver domains, stub domains, domUs, and so on. + ## Virtual Hardware, Hypervisor ### x86/Nested PV
With the exception of driver domains, which depend on PCI passthrough, and will be introduced later. Signed-off-by: George Dunlap <george.dunlap@citrix.com> --- CC: Ian Jackson <ian.jackson@citrix.com> CC: Wei Liu <wei.liu2@citrix.com> CC: Andrew Cooper <andrew.cooper3@citrix.com> CC: Jan Beulich <jbeulich@suse.com> CC: Stefano Stabellini <sstabellini@kernel.org> CC: Konrad Wilk <konrad.wilk@oracle.com> CC: Tim Deegan <tim@xen.org> CC: Tamas K Lengyel <tamas.lengyel@zentific.com> CC: Rich Persaud <persaur@gmail.com> --- SUPPORT.md | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+)