|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Modules support in Xen (WAS: Re: [ARM] Native application design and discussion (I hope))
On Fri, 12 May 2017, George Dunlap wrote: > So given your examples, I see no reason not to have several > implementations of different mediators or emulated devices in tree, or > in a XenProject-managed git repo (like mini-os.git). I don't know the > particulars about mediators or the devices you have in mind, but if > you can show technical reasons why they need to be run in the > hypervisor rather than somewhere else (for performance or security > sake, for instance), there's no reason in principle not to add them to > the hypervisor code; and if they're in the hypervisor, then they > should be in xen.git. On the topic of the technical reasons for being out of the hypervisor (EL0 app or stubdom), I'll spend a couple of words on security. How large are these components? If they increase the hypervisor code size too much, it's best if they are run elsewhere. What is their guest-exposed attack surface? If it's large it's best to run them out of the hypervisor. My gut feeling is that both these points might be a problem. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |