>>> On 14.06.16 at 12:47, <wei.l...@citrix.com> wrote: > Andrew and I had a short conversation on IRC about why hvm_fep is only > available to debug build. Here is what he said: > > <andyhhp> liuw: because hvm_fep puts a very large attack surface back > into the hypervisor > <andyhhp> I intoduced it originally to make it easy to test the > instruction emulator without requiring a race condition between > two > vcpus > <andyhhp> so I guess paranoia is the underlying answer to your question > <andyhhp> there is nothing wrong in principle with making available in > non-debug builds > > I think I agree with him that in principle it should be possible to > make hvm_fep available to non-debug build. Andrew also suggested a > sync_console style warning, which I think makes sense.
Properly documented I'm not heavily opposed (but also not fully convinced of this being a good idea). Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
