[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU

To: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
From: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Date: Tue, 12 Jun 2012 11:30:35 +0100
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <Stefano.Stabellini@xxxxxxxxxxxxx>
Delivery-date: Tue, 12 Jun 2012 10:31:13 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, 11 Jun 2012, Ian Jackson wrote:
> Stefano Stabellini writes ("Re: [Xen-devel] [PATCH] disable virtfs 
> compilation by default in upstream QEMU"):
> > On Fri, 8 Jun 2012, Ian Jackson wrote:
> > > So what is the default configuration ?
> > 
> > The default is on.
> >
> > > Do we have any protection from
> > > possible bugs in the virtfs access control system ?
> > 
> > Nothing more and nothing less than QEMU 1.0 stable provides.
> 
> That situation seems like a release-critical bug from our point of
> view.

virtfs is not enabled unless you pass specific arguments to QEMU,
which we do not.

Besides saying that an open source technology X is dangerous because it
has been developed by a different community than ours, without giving
any technical reasons for it, is just spreading FUD.

QEMU provides a much wider surface of attack than just virtfs.
What protections do we have from the other QEMU bugs?

Linux PV backend drivers are directly exposed to guest frontend PV
drivers. What protections do we have in Linux?

What protections do we have from other Linux bugs in dom0?

> And this is relevant because we're now using upstream qemu 1.0 by
> default for some guests.

Only in PV guests, for which this discussion is not relevant.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Ian Campbell

References:
- [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Ian Jackson
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Ian Jackson
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Ian Jackson
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Ian Jackson
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
  - From: Ian Jackson

Prev by Date: Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
Next by Date: [Xen-devel] [PATCH V2] amd iommu: re-enable iommu msi if dom0 disabled it
Previous by thread: Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
Next by thread: Re: [Xen-devel] [PATCH] disable virtfs compilation by default in upstream QEMU
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.