Cédric Bosdonnat writes ("[PATCH v3] libxl: QED disks support"):
> Qdisk supports qcow and qcow2, extend it to also support qed disk
> format.The patch is good. I have a qualm, though. I think this would increase our security support footprint to include the qemu qed disk format driver. Specifically: * Does the qed format contain a builtin way to refer to other files, like qcow does ? Paradoxically, if it does not, then it is a bigger risk for us: because then it might be reasonable for a user to feed an untrusted qed image file to xl, for use with a likewise-untrusted guest. That means that image-handling bugs in qed would be security bugs which we might have to do security response for. * We should at least consider the possibility that qed might be vulnerable to anomalous guest behaviour. I don't know enough about qed to say much about that. So I would be happy with this patch if it came with a hunk editing docs/misc/qemu-xen-security to say something like: + - backing storage image format: raw, qcow, qcow2, vhd (And we might want to drop vhd...) Ian. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel
