On Fri, 12 May 2017, George Dunlap wrote: > So given your examples, I see no reason not to have several > implementations of different mediators or emulated devices in tree, or > in a XenProject-managed git repo (like mini-os.git). I don't know the > particulars about mediators or the devices you have in mind, but if > you can show technical reasons why they need to be run in the > hypervisor rather than somewhere else (for performance or security > sake, for instance), there's no reason in principle not to add them to > the hypervisor code; and if they're in the hypervisor, then they > should be in xen.git.
On the topic of the technical reasons for being out of the hypervisor (EL0 app or stubdom), I'll spend a couple of words on security. How large are these components? If they increase the hypervisor code size too much, it's best if they are run elsewhere. What is their guest-exposed attack surface? If it's large it's best to run them out of the hypervisor. My gut feeling is that both these points might be a problem. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
