lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3b4fdddd-67d8-30d3-2a5d-c4d07b6f31c9@oracle.com>
Date:   Thu, 6 Dec 2018 17:34:46 -0500
From:   Boris Ostrovsky <boris.ostrovsky@...cle.com>
To:     Paolo Bonzini <pbonzini@...hat.com>,
        Maran Wilson <maran.wilson@...cle.com>, x86@...nel.org,
        linux-kernel@...r.kernel.org, xen-devel@...ts.xenproject.org,
        kvm@...r.kernel.org, jgross@...e.com
Cc:     tglx@...utronix.de, mingo@...hat.com, hpa@...or.com,
        jpoimboe@...hat.com, kirill.shutemov@...ux.intel.com, bp@...e.de,
        thomas.lendacky@....com, luto@...nel.org,
        dave.hansen@...ux.intel.com, roger.pau@...rix.com,
        rkrcmar@...hat.com, rdunlap@...radead.org
Subject: Re: [PATCH v8 1/7] xen/pvh: Split CONFIG_XEN_PVH into CONFIG_PVH and
 CONFIG_XEN_PVH

On 12/6/18 5:11 PM, Paolo Bonzini wrote:
> On 06/12/18 07:04, Maran Wilson wrote:
>> +config PVH
>> +	bool "Support for running PVH guests"
>> +	---help---
>> +	  This option enables the PVH entry point for guest virtual machines
>> +	  as specified in the x86/HVM direct boot ABI.
>> +
> IIUC this breaks "normal" bzImage boot, so we should have something like
>
> 	The resulting kernel will not boot with most x86 boot loaders
> 	such as GRUB 


Grub support for PVH guests (for Xen) is well under way.


> or SYSLINUX.  Unless you plan to start the kernel
> 	using QEMU or Xen, you probably want to say N here.

I think PVH should not be user-selectable at all. It should be selected
by either XEN_PVH or KVM_GUEST_PVH (which you suggested to drop).

>
> and also
>
> 	depends on !EFI
>
> because even though in principle it would be possible to write a PVH
> loader for UEFI, PVH's start info does not support the EFI handover
> protocol.

But we should be able to build the binary with both EFI and PVH?

-boris

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ