Le mercredi 12 mars 2014 15:17:53 UTC-7, Marek Marczykowski-Górecki a écrit : > On 12.03.2014 22:10, David Schissler wrote: > > Is there a fundamental reason why VT-x is not or cannot be available from > > within a AppVM or is it simply not implemented? > > Both: Nested VT-x isn't implemented in Xen 4.1 (which is used in Qubes). It is > available in newer versions (AFAIR 4.2+), but even then we don't want to > enable it (at least by default). Is has quite complicated, so have large > attack surface. > > > Also is it true that VT-x is required for 64 bit guests? > > Depending on definition of "required". Technically it is possible to emulate > 64 bit machine in pure software, but I haven't seen any implementation of it. > > -- > Best Regards, > Marek Marczykowski-Górecki > Invisible Things Lab > A: Because it messes up the order in which people normally read text. > Q: Why is top-posting such a bad thing?
Is this still accurate (for R3.2 and/or R4)? Does the inability to use VT-x apply to HVMs or only to AppVMs? Is this state of affairs expected to change in the foreseeable future? (Any design considerations that might make it less unsafe?) If I understand correctly, full/faithful hw-accelerated nested virtualization is not possible in Qubes, but vagrant using e.g. LXC backend could be used for development? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0570cdb1-1c12-446f-92ec-ece66d0d0396%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
