On 17.08.20 11:45, Peng Fan wrote:
>> Subject: Dropping code during runtime (was: Re: [PATCH 06/10] Add
>> libbaremetal)
>>
>> On 8/14/20 8:13 PM, Jan Kiszka wrote:
>>>>
>>>> If we have a universal binary, a jailhouse disable will be present
>>>> in the beginning. Once we decide to freeze the configuration,
>>>> drop it. If we make those things compile-time configurable, then it
>>>> has the potential to become a variant hell.
>>>
>>> Dropping significant code chunks from a root-less jailhouse.bin would
>>> be a valuable reason for such a config variant. You do not have to
>>> argue over things that are provably not there.
>>
>> With my approach, things are (provably) not there in the operative phase. It
>> depends when you want to attest your system. In the same way, you could
>> also argue that Linux, U-Boot, the firmware, whatever has been there before
>> you made your attest.
>>
>> What are the parts you could drop during compile time?
>> For system partitioning / cell creation, you definitely need to execute the
>> code at least once - you can not drop it during compile time.
> 
> Are there any use cases currently?
> 
> Say you have a safety-critical cell and a non-critical cell: if the
> non-critical cell crashes or hangs, there is no chance to resume that cell.
> 

If reloading a specific cell during safety-critical operation is a
relevant use case (still speculating as such a system wasn't built yet),
we need to keep at least the hypercalls that start/stop a cell and that
load it from another one.

But I'd like to hear a consistent user story for that before designing
this in.

Jan

-- 
Siemens AG, Corporate Technology, CT RDA IOT SES-DE
Corporate Competence Center Embedded Linux
