Received: by 2002:ac0:98c7:0:0:0:0:0 with SMTP id g7-v6csp900808imd; Thu, 1 Nov 2018 07:19:03 -0700 (PDT) X-Google-Smtp-Source: AJdET5cgaQPjQPQnqTR1less0904+7eIeErdsOGXs+x1t0CdTovS3TriPEy9QD+49pFHAncjeY0n X-Received: by 2002:a65:6249:: with SMTP id q9-v6mr7373821pgv.392.1541081943705; Thu, 01 Nov 2018 07:19:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1541081943; cv=none; d=google.com; s=arc-20160816; b=F29J+diNLifn/DHPDEQV88F6qhNOKruL25x8rkqFt45FB2n/U/EitzH3iv4IHROKwQ BaigEgpzLoH9QoNBIRsnsL4xTHkTWgGFT4uksjAKe9ClDArmQAj8F67KOUFtvTmVB78X /ku2Vqj7G5tAqzmRgQwsZGZ6gFkg7Wh1L1c9h3ujK2VOoPCYEVl85/PGU/YvUdbnUeJS xLl7JTJC6oYLA5iSKMXextRZCXR24rLFs4imh0kolKIyYl+QP3REFsaefbp4M8fLKiXQ LOMvflR9JynbAO2YZ1dAcK8p1KbDKXRzZRUEkh0yFnuLjFLRjzMujLanirravKddwYUr HGOw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-disposition :content-transfer-encoding:mime-version:in-reply-to:references :subject:cc:to:from:date:message-id; bh=C5yiVEvsk0fdYQU+IYZZTVkuzgy5otJtccV3D0zE7Xg=; b=EqlZUssm1Yw22pP76ladArwUfpmohP1fpdCED5iOZDFMADQJQ+ZMWEu1A8wV5vevoy B0AP5G9/QRdafX735uxizrFCgky5Qc9Pnma4szvmB7ON5sOWdMegfIS5iprEBr86vJLJ lORVx4RmjGlKqM1SoUOdvu/2LAOL8FFhUlBHF/mSwsmzzsD2i0tT1W3Ib0pP83dmppHq fClEXrN9hbvbBVc1zY2tY3sPI7Ww3ukCy0AWQex8ErNjqwRw/KdWaZJ6IUs3KuCmYPeV E/in2rIdEmZoZEuT3tuRIiiXYYXcOZV3dFnxx6ymNB3my+AuJ2SxaQ1pmNmXKTemvWXu LaVw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id o127-v6si37312158pfb.128.2018.11.01.07.18.47; Thu, 01 Nov 2018 07:19:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728653AbeKAXVZ convert rfc822-to-8bit (ORCPT + 99 others); Thu, 1 Nov 2018 19:21:25 -0400 Received: from prv1-mh.provo.novell.com ([137.65.248.33]:48071 "EHLO prv1-mh.provo.novell.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728198AbeKAXVZ (ORCPT ); Thu, 1 Nov 2018 19:21:25 -0400 Received: from INET-PRV1-MTA by prv1-mh.provo.novell.com with Novell_GroupWise; Thu, 01 Nov 2018 08:18:15 -0600 Message-Id: <5BDB0B240200007800142507@prv1-mh.provo.novell.com> X-Mailer: Novell GroupWise Internet Agent 18.0.2 Date: Thu, 01 Nov 2018 08:18:12 -0600 From: "Jan Beulich" To: "Juergen Gross" Cc: , , , , Subject: Re: [Xen-devel] [PATCH] xen: remove size limit of privcmd-buf mapping interface References: <20181101123307.8424-1-jgross@suse.com> In-Reply-To: <20181101123307.8424-1-jgross@suse.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 8BIT Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org >>> Juergen Gross 11/01/18 1:34 PM >>> >Currently the size of hypercall buffers allocated via >/dev/xen/hypercall is limited to a default of 64 memory pages. For live >migration of guests this might be too small as the page dirty bitmask >needs to be sized according to the size of the guest. This means >migrating a 8GB sized guest is already exhausting the default buffer >size for the dirty bitmap. > >There is no sensible way to set a sane limit, so just remove it >completely. The device node's usage is limited to root anyway, so there >is no additional DOS scenario added by allowing unlimited buffers. But is this setting of permissions what we want long term? What about a de-privileged qemu, which still needs to be able to issue at least dm-op hypercalls? Jan