[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 08/17] SUPPORT.md: Add x86-specific virtual hardware

On Wed, Nov 22, 2017 at 07:20:15PM +0000, George Dunlap wrote:
> x86-specific virtual hardware provided by the hypervisor, toolstack,
> or QEMU.
> 
> Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
> ---
> Changes since v2:
> - Updated Nested PV / HVM sections
> - Removed AVX section
> - EFI -> OVMF
> 
> Changes since v1:
> - Added emulated QEMU support, to replace docs/misc/qemu-xen-security.
> 
> Need to figure out what to do with the "backing storage image format"
> section of that document.
> 
> CC: Ian Jackson <ian.jackson@xxxxxxxxxx>
> CC: Wei Liu <wei.liu2@xxxxxxxxxx>
> CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> CC: Jan Beulich <jbeulich@xxxxxxxx>
> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
> CC: Konrad Wilk <konrad.wilk@xxxxxxxxxx>
> CC: Tim Deegan <tim@xxxxxxx>
> CC: Roger Pau Monne <roger.pau@xxxxxxxxxx>
> CC: Anthony Perard <anthony.perard@xxxxxxxxxx>
> CC: Paul Durrant <paul.durrant@xxxxxxxxxx>
> ---
>  SUPPORT.md | 105 
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 105 insertions(+)
> 
> diff --git a/SUPPORT.md b/SUPPORT.md
> index 96c381fb55..98ed18098a 100644
> --- a/SUPPORT.md
> +++ b/SUPPORT.md
> @@ -373,6 +373,111 @@ but has no xl support.
>  
>      Status: Supported
>  
> +## Virtual Hardware, Hypervisor
> +
> +### x86/Nested PV
> +
> +    Status, x86 Xen HVM: Tech Preview
> +
> +This means running a Xen hypervisor inside an HVM domain on a Xen system,
> +with support for PV L2 guests only
> +(i.e., hardware virtualization extensions not provided
> +to the guest).
> +
> +This works, but has performance limitations
> +because the L1 dom0 can only access emulated L1 devices.
> +
> +Xen may also run inside other hypervisors (KVM, Hyper-V, VMWare),
> +but nobody has reported on performance.
> +
> +### x86/Nested HVM
> +
> +    Status, x86 HVM: Experimental
> +
> +This means providing hardware virtulatization support to guest VMs
> +allowing, for instance, a nested Xen to support both PV and HVM guests.
> +It also implies support for other hypervisors,
> +such as KVM, Hyper-V, Bromium, and so on as guests.
> +
> +### vPMU
> +
> +    Status, x86: Supported, Not security supported
> +
> +Virtual Performance Management Unit for HVM guests
> +
> +Disabled by default (enable with hypervisor command line option).
> +This feature is not security supported: see 
> http://xenbits.xen.org/xsa/advisory-163.html
> +
> +## Virtual Hardware, QEMU
> +
> +These are devices available in HVM mode using a qemu devicemodel (the 
> default).
> +Note that other devices are available but not security supported.
> +
> +### x86/Emulated platform devices (QEMU):
> +
> +    Status, piix3: Supported
> +
> +### x86/Emulated network (QEMU):
> +
> +    Status, e1000: Supported
> +    Status, rtl8193: Supported
> +    Status, virtio-net: Supported
> +
> +### x86/Emulated storage (QEMU):
> +
> +    Status, piix3 ide: Supported
> +    Status, ahci: Supported
> +
> +### x86/Emulated graphics (QEMU):
> +
> +    Status, cirrus-vga: Supported
> +    Status, stgvga: Supported
> +
> +### x86/Emulated audio (QEMU):
> +
> +    Status, sb16: Supported
> +    Status, es1370: Supported
> +    Status, ac97: Supported
> +
> +### x86/Emulated input (QEMU):
> +
> +    Status, usbmouse: Supported
> +    Status, usbtablet: Supported
> +    Status, ps/2 keyboard: Supported
> +    Status, ps/2 mouse: Supported
> +
> +### x86/Emulated serial card (QEMU):
> +
> +    Status, UART 16550A: Supported
> +
> +### x86/Host USB passthrough (QEMU):
> +
> +    Status: Supported, not security supported
> +
> +## Virtual Firmware
> +
> +### x86/HVM iPXE
> +
> +    Status: Supported, with caveats
> +
> +Booting a guest via PXE.
> +PXE inherently places full trust of the guest in the network,
> +and so should only be used
> +when the guest network is under the same administrative control
> +as the guest itself.
> +
> +### x86/HVM BIOS
> +
> +    Status: Supported
> +
> +Booting a guest via guest BIOS firmware

Should we mention that the supported BIOS are either SeaBIOS or ROMBIOS
like it is done bellow for UEFI?

> +
> +### x86/HVM OVMF
> +
> +    Status: Supported
> +
> +OVMF firmware implements the UEFI boot protocol.

Otherwise, the patch looks good to me.
Reviewed-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>

-- 
Anthony PERARD

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.