[xen master] SUPPORT.md: Add statement on PCI passthrough

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[xen master] SUPPORT.md: Add statement on PCI passthrough

patchbot
commit 345bb9cd634421f50b732d4f9c89a649a7a1d0db
Author:     George Dunlap <[hidden email]>
AuthorDate: Wed Nov 22 19:19:04 2017 +0000
Commit:     George Dunlap <[hidden email]>
CommitDate: Mon Nov 27 16:48:45 2017 +0000

    SUPPORT.md: Add statement on PCI passthrough
   
    Signed-off-by: George Dunlap <[hidden email]>
    Acked-by: Jan Beulich <[hidden email]>
---
 SUPPORT.md | 34 +++++++++++++++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)

diff --git a/SUPPORT.md b/SUPPORT.md
index 93629f6..42ffa9f 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -487,9 +487,23 @@ but has no xl support.
 
 ## Security
 
+### Driver Domains
+
+    Status: Supported, with caveats
+
+"Driver domains" means allowing non-Domain 0 domains
+with access to physical devices to act as back-ends.
+
+See the appropriate "Device Passthrough" section
+for more information about security support.
+
 ### Device Model Stub Domains
 
-    Status: Supported
+    Status: Supported, with caveats
+
+Vulnerabilities of a device model stub domain
+to a hostile driver domain (either compromised or untrusted)
+are excluded from security support.
 
 ### KCONFIG Expert
 
@@ -560,6 +574,24 @@ Virtual Performance Management Unit for HVM guests
 Disabled by default (enable with hypervisor command line option).
 This feature is not security supported: see http://xenbits.xen.org/xsa/advisory-163.html
 
+### x86/PCI Device Passthrough
+
+    Status, x86 PV: Supported, with caveats
+    Status, x86 HVM: Supported, with caveats
+
+Only systems using IOMMUs are supported.
+
+Not compatible with migration, populate-on-demand, altp2m,
+introspection, memory sharing, or memory paging.
+
+Because of hardware limitations
+(affecting any operating system or hypervisor),
+it is generally not safe to use this feature
+to expose a physical device to completely untrusted guests.
+However, this feature can still confer significant security benefit
+when used to remove drivers and backends from domain 0
+(i.e., Driver Domains).
+
 ### ARM/Non-PCI device passthrough
 
     Status: Supported, not security supported
--
generated by git-patchbot for /home/xen/git/xen.git#master

_______________________________________________
Xen-changelog mailing list
[hidden email]
https://lists.xenproject.org/xen-changelog