|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 04/17] vmx: nest: domain and vcpu flags
On Thursday 20 May 2010 11:37:53 Tim Deegan wrote: > At 10:41 +0100 on 22 Apr (1271932876), Qing He wrote: > > Introduce a domain create flag to allow user to set availability > > of nested virtualization. > > The flag will be used to disable all reporting and function > > facilities, improving guest security. > > I have the same reservation about this as Christoph's patch: I don't > think this needs to be a create-time flag - there's no reason it can't > be enabled or disabled with a domctl after domain creation. (And of > course we'll want it to bve the same interface on both SVM and VMX.) I already reworked that part to use HVM_PARAM_*. It showed up one caveat: The nestedhvm_enabled() becomes true after p2m_init() run. So the hap-on-hap code wasn't initialized. I worked around that by initialising nestedp2m's in p2m_init() unconditionally of having nestedhvm=1 in the guest config file or not. Christoph -- ---to satisfy European Law for business letters: Advanced Micro Devices GmbH Einsteinring 24, 85609 Dornach b. Muenchen Geschaeftsfuehrer: Andrew Bowd, Thomas M. McCoy, Giuliano Meroni Sitz: Dornach, Gemeinde Aschheim, Landkreis Muenchen Registergericht Muenchen, HRB Nr. 43632 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |