+-- On Wed, 13 Feb 2019, David Gibson wrote --+ | > + | > + object_class_property_add_str(oc, "host-serial", | > + machine_get_host_serial, machine_set_host_serial, | > + &error_abort); | > + object_class_property_set_description(oc, "host-serial", | > + "Set host's system-id to use", &error_abort); | > + | > + object_class_property_add_str(oc, "host-model", | > + machine_get_host_model, machine_set_host_model, | > + &error_abort); | > + object_class_property_set_description(oc, "host-model", | > + "Set host's model-id to use", &error_abort); | | You're adding properties to *all* machines, for something that's only | used on the PAPR machine. That doesn't seem right.
I tried to figure out about adding these options to only spapr machine, but it does not seem straight forward as above. | > spapr_machine_4_0_class_options(mc); | > compat_props_add(mc->compat_props, hw_compat_3_1, hw_compat_3_1_len); | > + compat_props_add(mc->compat_props, compat, G_N_ELEMENTS(compat)); | | I'm still not convinced maintaining super-strict backwards compat at | the expense of security is a good tradeoff here, but since the code's | already written, let's run with it. I think current patch will provide a way to help fix the security issue, we can revise it further if required. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
