lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160608162343.GD13355@leverpostej>
Date:	Wed, 8 Jun 2016 17:23:43 +0100
From:	Mark Rutland <mark.rutland@....com>
To:	Pantelis Antoniou <pantelis.antoniou@...sulko.com>
Cc:	Jan Kiszka <jan.kiszka@...mens.com>,
	devicetree <devicetree@...r.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Jailhouse <jailhouse-dev@...glegroups.com>,
	Måns Rullgård <mans@...x.de>,
	Antonios Motakis <antonios.motakis@...wei.com>
Subject: Re: Using DT overlays for adding virtual hardware

On Wed, Jun 08, 2016 at 06:57:37PM +0300, Pantelis Antoniou wrote:
> Hi Mark,
> 
> > On Jun 8, 2016, at 18:17 , Mark Rutland <mark.rutland@....com> wrote:
> > 
> > On Wed, Jun 08, 2016 at 04:16:32PM +0200, Jan Kiszka wrote:
> >> Hi all,
> >> 
> >> already started the discussion off-list with Pantelis, but it's better
> >> done in public:
> >> 
> >> I'm currently exploring ways to make Linux recognize dynamically added
> >> virtual hardware when running under the Jailhouse hypervisor [1]. We
> >> need to load drivers for inter-partition communication devices that only
> >> appear after Jailhouse started (which is done from within Linux, i.e.
> >> long after boot) or when a partition was added later on. Probably, we
> >> will simply add a virtual PCI host bridge on systems without physical
> >> PCI and let the IPC device be explored that way (already works on x86).
> >> Still, that leaves us with hotplug and unplug on hypervisor activation
> >> and deactivation.
> > 
> > If I've understood correctly you want to use overlays to inject the
> > virtual PCI host bridge?
> > 
> > Given that you know precisely what you want to inject, I'm not sure I
> > see the value of using an overlay. 
> > 
> > Is there some reason you can't just create a device without having to go
> > via an intermediate step? As I understand it, Xen does that for (some)
> > virtual devices provided to Dom0 and DomU.
> 
> As far as I understand it PCI is just one of the cases. You could conceivably
> inject any kind of virtio device like serial/storage networking etc.

Sure, but we already have PCI transport for virtio devices, and per the
above PCI is the transport used on x86, so I assume that the devices we
really care about are going to be PCI anyhow.

> The question is since overlays exist and do work, why should he do anything else
> besides using them?

For one thing, they only work with DT, and there are ACPI ARM server
platforms out there, for which people may wish to use jailhouse. Tying
this to DT is not necessarily the best idea.

To be clear, I'm not arguing *against* overlays as such, just making
sure that we're not prematurely choosing a solution just becasue it's
the one we're aware of.

Thanks,
Mark.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ