On Thu, Dec 22, 2011 at 01:39:30PM -0500, Laine Stump wrote:
> These two patches are in response to CVE-2011-4127:
>
>   http://seclists.org/oss-sec/2011/q4/536
>
> Once the kernel security fix and corresponding qemu mitigation patch
> are in place, access to SG_IO commands from qemu guests will be
> disabled by default. This patch series provides a way to explicitly
> enable such support when it is required.
>
> In a discussion just before sending this patch series, Paolo Bonzini
> wondered if rather than the xml syntax being what's proposed here:
>
>   <disk type='block' device='disk' dev='/dev/sda'> <!-- SG_IO off -->
>   <disk type='lun' device='disk' dev='/dev/sda'> <!-- SG_IO on -->
>
> maybe it should instead be:
>
>   <disk type='block' device='disk' dev='/dev/sda'> <!-- SG_IO off -->
>   <disk type='block' device='lun' dev='/dev/sda'> <!-- SG_IO on -->
>
> I guess it partly depends on whether we would ever want to turn on
> SG_IO for a disk with device='cdrom|floppy' vs. if we would ever want
> to turn it on for type='file|dir|network'.
>
> Opinions?

The 'type' attribute refers to how the host emulator deals with the disk.
The 'device' attribute refers to what type of device hardware is exposed
to the guest.
What we're doing here is controlling whether the host emulator allows
SG_IO. The guest visible device hardware has not changed at all. Thus
using the 'type' attribute is the correct approach.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|