Re: [libvirt] [PATCH 0/2] qemu: Add support for host-model pseries machine option
On Tue, Oct 08, 2019 at 01:46:55PM -0300, Fabiano Rosas wrote:
This series adds support for the -machine,host-model= QEMU option
for
for pseries guests.
Pseries guests used to have a node (/proc/device-tree/host-model) in
device-tree that exposed the host's model string so that guest
userspace tools could determine the host machine they were running on.
QEMU used to provide the node by default, but this has been disabled
due to security concerns. There is now a machine option (host-model)
that allows the user to set an arbitrary string to be used as the host
model.
Userspace tools will then be broken unless the user explicitly edits
the domain XML with the desired host model to be exposed to the
guest. However, having an arbitrary string in the domain XML that
needs to be the same for every guest in that machine but different
across host machines would generate issues with XML portability and
more importantly, migration.
What userspace tool is broken, and in what way ?
Re-introducing the host passthrough to satisfy a broken tool is not
very attractive because it reintroduces the security flaw that the
QEMU change was fixing.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|