From: George Dunlap Date: Wed, 22 Nov 2017 19:19:04 +0000 (+0000) Subject: SUPPORT.md: Add statement on PCI passthrough X-Git-Tag: archive/raspbian/4.11.1-1+rpi1~1^2~66^2~1007 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=345bb9cd634421f50b732d4f9c89a649a7a1d0db;p=xen.git SUPPORT.md: Add statement on PCI passthrough Signed-off-by: George Dunlap Acked-by: Jan Beulich --- diff --git a/SUPPORT.md b/SUPPORT.md index 93629f6104..42ffa9fa4d 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -487,9 +487,23 @@ but has no xl support. ## Security +### Driver Domains + + Status: Supported, with caveats + +"Driver domains" means allowing non-Domain 0 domains +with access to physical devices to act as back-ends. + +See the appropriate "Device Passthrough" section +for more information about security support. + ### Device Model Stub Domains - Status: Supported + Status: Supported, with caveats + +Vulnerabilities of a device model stub domain +to a hostile driver domain (either compromised or untrusted) +are excluded from security support. ### KCONFIG Expert @@ -560,6 +574,24 @@ Virtual Performance Management Unit for HVM guests Disabled by default (enable with hypervisor command line option). This feature is not security supported: see http://xenbits.xen.org/xsa/advisory-163.html +### x86/PCI Device Passthrough + + Status, x86 PV: Supported, with caveats + Status, x86 HVM: Supported, with caveats + +Only systems using IOMMUs are supported. + +Not compatible with migration, populate-on-demand, altp2m, +introspection, memory sharing, or memory paging. + +Because of hardware limitations +(affecting any operating system or hypervisor), +it is generally not safe to use this feature +to expose a physical device to completely untrusted guests. +However, this feature can still confer significant security benefit +when used to remove drivers and backends from domain 0 +(i.e., Driver Domains). + ### ARM/Non-PCI device passthrough Status: Supported, not security supported