-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Wed, Jan 24, 2018 at 12:15:25PM -0700, Reg Tiangha wrote:
> On 01/24/2018 07:51 AM, Ed wrote:
> > On 01/24/2018 04:29 AM, Andrew David Wong wrote:
> > 
> >> ## Qubes 3.2
> >>
> >> Previously, we had planned to release an update for Qubes 3.2 that would
> >> have made almost all VMs run in PVH mode by backporting support for this
> >> mode from Qubes 4.0. 
> > 
> > Out of curiosity, is this still going to happen? 

Not unless forced otherwise to do so.

> > I would love to see
> > this if possible, not only helping mitigate Meltdown without the
> > performance penalty (I believe), but also would give a nice general
> > security boost to 3.2
> > 
> > Thanks,
> > Ed
> > 
> 
> The thing is, if Qubes intends on sticking with Xen 4.6 on Qubes R3.2,
> then the promise of 1 year extended support after R4.0 is officially
> released may be hard to meet since Xen will discontinue security support
>  in Oct 2018 (Source:
> https://wiki.xenproject.org/wiki/Xen_Project_Release_Features ). That
> means there could be a 3-4+ month period where the Qubes devs would need
> to manually backport from newer versions of Xen any security fixes found
> in Xen during that time frame (in essence, the Qubes project would need
> to take over maintenance of the Xen 4.6 branch for that time period).
> That could increase the support/maintenance burden for the Qubes devs by
> a lot, depending on how complex the security issues are (worse case
> would be another thing like Meltdown/Spectre happening again during that
> time frame after official Xen support ends).

We've tested backported Xen 4.8 with PVH on various machines well
supported by R3.2 and there are some cases where it breaks badly. The
most extreme is hardware lacking EPT, where PVH is like 16x slower than
PV. I'm sure "just" upgrading Xen (without switching to PVH) will also
bring some compatibility problems, maybe for small minority of users,
but still. Similar to major kernel upgrade, as we've seen multiple times.
We promised Qubes 3.2 to be stable, supported release.

See "Upgrade instructions for R3.2 and QSB37 patches" thread on
xen-devel for some examples, and also comments here:
https://github.com/QubesOS/qubes-core-admin/pull/178
https://github.com/QubesOS/qubes-vmm-xen/pull/24

So yes, this means we'll need to support Xen 4.6 ourself for a few
months. It may happen that yet another bug will be found, requiring very
hard to backport changes. But I think it is quite unlikely event. And
even if that happen, we can decide to upgrade Xen then. We already have
part of this work done.

- -- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAlppFeMACgkQ24/THMrX
1yxmGQgAk/LLxD5LywTDpZi+Ii7XDHPRT7rkTvbQv6K79S7WfdXvNoXpyCoBOO0/
iR+L4RMzF6OIu861aBiUZo8WiTfoE6dgDu4X/5MNPcewbtGhaOnq6DOiBCMRTW8+
mXtSepu/XVtMqZnAI7vZyBVijVh7UI2CfUfOJnk1Z3zhU9phAGePh7ywSRskrOVI
qOEVb70f9qaB9BV81MjtOjn+nz4IiTid2CQEL2CFPhEWoXqbd1dtQLnemH8j1f1a
uwlNIf76foiJLr0I8iei/SLjLG5YHOtKWNUtBf1jRtTbpZCbu96o9MCMQSjn5ZG8
SR8McukKMgRCYPOCvAA+GJ1DxVWE6w==
=qfqr
-----END PGP SIGNATURE-----

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20180124232523.GA16234%40mail-itl.
For more options, visit https://groups.google.com/d/optout.

Reply via email to