| Message ID | alpine.DEB.2.22.394.2204071706470.2910984@ubuntu-linux-20-04-desktop (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v3] SUPPORT.md: add Dom0less as Supported | expand |
Hi Stefano, > -----Original Message----- > From: Xen-devel <xen-devel-bounces@lists.xenproject.org> On Behalf Of > Stefano Stabellini > Sent: Friday, April 8, 2022 8:11 AM > To: xen-devel@lists.xenproject.org > Cc: sstabellini@kernel.org; julien@xen.org; andrew.cooper3@citrix.com; > george.dunlap@citrix.com; jbeulich@suse.com; wl@xen.org > Subject: [PATCH v3] SUPPORT.md: add Dom0less as Supported > > Add Dom0less to SUPPORT.md to clarify its support status. The feature is > mature enough and small enough to make it security supported. > > Clarify that dom0less DomUs memory is not scrubbed at boot when > bootscrub=on or bootscrub=off are passed as Xen command line parameters, > and no XSAs will be issued for that. > > Also see XSA-372: 371347c5b64da and fd5dc41ceaed. > > Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com> > Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com> > --- > Changes in v3: > - improve commit messahe For the patch I don't have any comments, but I think here we've got a typo: s/messahe/message. I think it is ok to fix while committing this patch so this is just a kind reminder :)) Kind regards, Henry
Hi Henry, On 08/04/2022 01:50, Henry Wang wrote: >> -----Original Message----- >> From: Xen-devel <xen-devel-bounces@lists.xenproject.org> On Behalf Of >> Stefano Stabellini >> Sent: Friday, April 8, 2022 8:11 AM >> To: xen-devel@lists.xenproject.org >> Cc: sstabellini@kernel.org; julien@xen.org; andrew.cooper3@citrix.com; >> george.dunlap@citrix.com; jbeulich@suse.com; wl@xen.org >> Subject: [PATCH v3] SUPPORT.md: add Dom0less as Supported >> >> Add Dom0less to SUPPORT.md to clarify its support status. The feature is >> mature enough and small enough to make it security supported. >> >> Clarify that dom0less DomUs memory is not scrubbed at boot when >> bootscrub=on or bootscrub=off are passed as Xen command line parameters, >> and no XSAs will be issued for that. >> >> Also see XSA-372: 371347c5b64da and fd5dc41ceaed. >> >> Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com> >> Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com> >> --- >> Changes in v3: >> - improve commit messahe > > For the patch I don't have any comments, but I think here we've got > a typo: s/messahe/message. I think it is ok to fix while committing this > patch so this is just a kind reminder :)) Anything after --- will be stripped by git am. So there is nothing to fix it on commit. Cheers,
Hi, On 08/04/2022 01:10, Stefano Stabellini wrote: > Add Dom0less to SUPPORT.md to clarify its support status. The feature is > mature enough and small enough to make it security supported. > > Clarify that dom0less DomUs memory is not scrubbed at boot when > bootscrub=on or bootscrub=off are passed as Xen command line parameters, > and no XSAs will be issued for that. > > Also see XSA-372: 371347c5b64da and fd5dc41ceaed. > > Signed-off-by: Stefano Stabellini <stefano.stabellini@xilinx.com> > Reviewed-by: Bertrand Marquis <bertrand.marquis@arm.com> Acked-by: Julien Grall <jgrall@amazon.com> Cheers,
Hi Julien and Stefano, > -----Original Message----- > From: Julien Grall <julien@xen.org> > > > > For the patch I don't have any comments, but I think here we've got > > a typo: s/messahe/message. I think it is ok to fix while committing this > > patch so this is just a kind reminder :)) > > Anything after --- will be stripped by git am. So there is nothing to > fix it on commit. Ack, thanks for the reminder. Sorry to Stefano. Kind regards, Henry > > Cheers, > > -- > Julien Grall
diff --git a/SUPPORT.md b/SUPPORT.md index 32fb0aa8de..088dda9561 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -882,6 +882,17 @@ OVMF firmware implements the UEFI boot protocol. Status, qemu-xen: Supported +## Dom0less + +Guest creation from the hypervisor at boot without Dom0 intervention. + + Status, ARM: Supported + +Memory of dom0less DomUs is not scrubbed at boot when bootscrub=on or +bootscrub=off are passed as Xen command line parameters. (Memory should +be scrubbed with bootscrub=idle.) No XSAs will be issues due to +unscrubbed memory. + # Format and definitions This file contains prose, and machine-readable fragments.