Hi Ian,
On Mon, 2016-12-12 at 17:36 +0000, Ian Jackson wrote:
> Cédric Bosdonnat writes ("[PATCH v3] libxl: QED disks support"):
> > Qdisk supports qcow and qcow2, extend it to also support qed disk
> > format.
>
> The patch is good.
>
> I have a qualm, though. I think this would increase our security
> support footprint to include the qemu qed disk format driver.
>
> Specifically:
>
> * Does the qed format contain a builtin way to refer to other files,
> like qcow does ? Paradoxically, if it does not, then it is a
> bigger risk for us: because then it might be reasonable for a user
> to feed an untrusted qed image file to xl, for use with a
> likewise-untrusted guest. That means that image-handling bugs in
> qed would be security bugs which we might have to do security
> response for.
QED does support backing files, not sure if this is a good or bad news
on the security topic.
> * We should at least consider the possibility that qed might be
> vulnerable to anomalous guest behaviour. I don't know enough about
> qed to say much about that.
>
> So I would be happy with this patch if it came with a hunk editing
> docs/misc/qemu-xen-security to say something like:
>
> + - backing storage image format: raw, qcow, qcow2, vhd
>
> (And we might want to drop vhd...)
I'm not the one deciding what is supported and what is not. Just tell
me what I should add in the patch regarding that and I'll add it.
--
Cedric
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
