On Tuesday, September 10, 2024 11:16:55 AM CEST Christian Schoenebeck wrote: > On Thursday, September 5, 2024 10:22:59 AM CEST Paolo Bonzini wrote: > > It has been deprecated since 8.1; remove it and suggest using permission > > mapping > > or virtiofsd. > > virtfs-proxy-helper is just one component and (implementation detail) being > removed. So I would change the commit log to: > > 9p: remove 'proxy' filesystem backend driver > > It has been deprecated since 8.1; remove it and suggest using 'local' file > system backend driver instead or virtiofsd. > > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> > > --- > > MAINTAINERS | 8 - > > docs/about/deprecated.rst | 23 - > > docs/about/removed-features.rst | 14 + > > docs/conf.py | 3 - > > docs/meson.build | 1 - > > docs/tools/index.rst | 1 - > > docs/tools/virtfs-proxy-helper.rst | 75 -- > > meson.build | 8 - > > fsdev/qemu-fsdev.h | 1 - > > fsdev/qemu-fsdev.c | 19 - > > fsdev/virtfs-proxy-helper.c | 1193 -------------------------- > > hw/9pfs/9p-proxy.c | 1279 ---------------------------- > > fsdev/meson.build | 8 - > > hw/9pfs/meson.build | 1 - > > meson_options.txt | 2 - > > qemu-options.hx | 46 - > > scripts/meson-buildoptions. | 0 > > scripts/meson-buildoptions.sh | 4 - > > 18 files changed, 14 insertions(+), 2672 deletions(-) > > delete mode 100644 docs/tools/virtfs-proxy-helper.rst > > delete mode 100644 fsdev/virtfs-proxy-helper.c > > delete mode 100644 hw/9pfs/9p-proxy.c > > create mode 100644 scripts/meson-buildoptions.
One more thing: hw/9pfs/9p-proxy.h should be removed as well. /Christian > [...] > > diff --git a/docs/about/removed-features.rst > > b/docs/about/removed-features.rst > > index 5ae730d02ae..41d3affabfc 100644 > > --- a/docs/about/removed-features.rst > > +++ b/docs/about/removed-features.rst > > @@ -517,6 +517,20 @@ The virtio-blk SCSI passthrough feature is a legacy > > VIRTIO feature. VIRTIO 1.0 > > and later do not support it because the virtio-scsi device was introduced > > for > > full SCSI support. Use virtio-scsi instead when SCSI passthrough is > > required. > > > > +``-fsdev proxy`` and ``-virtfs proxy`` (since 9.2) > > +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > + > > +The 9p ``proxy`` filesystem backend driver was originally developed to > > +enhance security by dispatching low level filesystem operations from 9p > > +server (QEMU process) over to a separate process (the virtfs-proxy-helper > > +binary). However the proxy backend was much slower than the local backend, > > +didn't see any development in years, and showed to be less secure, > > +especially due to the fact that its helper daemon must be run as root. > > + > > +Use ``local``, possibly mapping permissions et al by using its 'mapped' > > +security model option, or switch to ``virtiofs``. The virtiofs daemon > > +``virtiofsd`` uses vhost to eliminate the high latency costs of the 9p > > +``proxy`` backend. > > Probably helpful for users to be more explicit like: > > use ``-fsdev local`` or ``-virtfs local`` > > But in general LGTM, thanks! > > Reviewed-by: Christian Schoenebeck <qemu_...@crudebyte.com> > > Best regards, > Christian Schoenebeck
