Ian Jackson writes ("Re: [RFC PATCH] xen-block: introduces extra request to 
pass-through SCSI commands"):
> [stuff suggesting use of PVSCSI instead]

For the avoidance of doubt:

1. Thanks very much for bringing this proposal to us at the concept
stage.  It is much easier to discuss these matters in a constructive
way before a lot of effort has been put into an implementation.

2. I should explain the downsides which I see in your proposal:

- Your suggestion has bad security properties: previously, the PV
  block protocol would present only a very simple and narrow
  interface.  Your SCSI CDB passthrough proposal means that guests
  would be able to activate features in SCSI targets which would be
  unexpected and unintended by the host administrator.  Such features
  would perhaps even be unknown to the host administrator.

  This could be mitigated by making this feature configurable, of
  course, defaulting to off, along with clear documentation.  But it's
  not a desirable property.

- For similar reasons it will often be difficult to use such a feature
  safely.  Guest software in particular might expect that it can
  safely use whatever features it can see, and do all sorts of
  exciting things.

- It involves duplicating multiplexing logic which already exists in


Xen-devel mailing list

Reply via email to