From: "Michael S. Tsirkin" <mst@redhat.com>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: glommer@redhat.com, qemu-devel@nongnu.org,
Alexander Graf <agraf@suse.de>,
Kevin O'Connor <kevin@koconnor.net>,
Gerd Hoffmann <kraxel@redhat.com>,
Sebastian Herbszt <herbszt@gmx.de>
Subject: Re: [Qemu-devel] Re: qdev property bug?
Date: Mon, 14 Dec 2009 22:20:20 +0200 [thread overview]
Message-ID: <20091214202019.GF6150@redhat.com> (raw)
In-Reply-To: <4B269933.3010906@codemonkey.ws>
On Mon, Dec 14, 2009 at 01:59:47PM -0600, Anthony Liguori wrote:
> Michael S. Tsirkin wrote:
>> At some level this is wrong. ROM presence is a hardware feature and you
>> definitely need to select your hardware when you create a VM. For real
>> hardware, cards with PXE are sometimes more expensive than without as
>> they need ROM memory. People do select hardware based on this.
>>
>> Even when PXE is present in hardware, most BIOS
>> vendors will let you turn it on/off optionally,
>> for security if not for other reasons.
>>
>> What the default should be depends on whether the
>> majority of our users use PXE. I guess not,
>> and if I am right default should be off.
>>
>
> The real way to pose this question is, what is the impact to users by
> keeping this on to those that don't use it vs. the cost of turning it
> off by default for users that do need it.
>
> So far, it's not clear to me that anyone has demonstrated how this is
> harmful for people that don't want pxe booting. Assuming we fix the bug
> about rom loading, then there's really no impact to users.
>
> Regards,
>
> Anthony Liguori
PXE booting might have security impact. You do not want to
do this if you are on a hostile network.
--
MST
next prev parent reply other threads:[~2009-12-14 20:23 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20091213200259.GB25615@redhat.com>
[not found] ` <4B260683.8000506@redhat.com>
[not found] ` <20091214093414.GA30459@redhat.com>
[not found] ` <4B26090B.8010707@redhat.com>
[not found] ` <20091214094406.GB32140@redhat.com>
[not found] ` <4B261082.4030806@redhat.com>
2009-12-14 10:59 ` [Qemu-devel] Re: qdev property bug? Michael S. Tsirkin
2009-12-14 11:55 ` Alexander Graf
2009-12-14 13:24 ` Michael S. Tsirkin
2009-12-14 13:35 ` Alexander Graf
2009-12-14 14:01 ` Michael S. Tsirkin
2009-12-14 17:00 ` Glauber Costa
2009-12-14 14:11 ` Anthony Liguori
2009-12-14 14:11 ` Michael S. Tsirkin
2009-12-14 14:13 ` Michael S. Tsirkin
2009-12-14 14:25 ` Anthony Liguori
2009-12-14 16:20 ` Michael S. Tsirkin
2009-12-14 19:12 ` Sebastian Herbszt
2009-12-14 19:20 ` Michael S. Tsirkin
2009-12-14 19:38 ` Sebastian Herbszt
2009-12-14 19:33 ` Anthony Liguori
2009-12-14 19:42 ` Michael S. Tsirkin
2009-12-14 19:59 ` Anthony Liguori
2009-12-14 20:20 ` Michael S. Tsirkin [this message]
2009-12-14 20:32 ` Gerd Hoffmann
2009-12-14 20:34 ` Michael S. Tsirkin
2009-12-14 20:36 ` Michael S. Tsirkin
2009-12-14 20:44 ` Anthony Liguori
2009-12-14 20:51 ` Michael S. Tsirkin
2009-12-15 2:37 ` Proper support for PCI-based option rom loading (was Re: [Qemu-devel] Re: qdev property bug?) Anthony Liguori
2009-12-15 3:55 ` Kevin O'Connor
2009-12-15 4:34 ` Kevin O'Connor
2009-12-15 13:15 ` Anthony Liguori
2009-12-15 14:20 ` Anthony Liguori
2009-12-15 14:33 ` [SeaBIOS] " Avi Kivity
2009-12-15 17:35 ` Anthony Liguori
2009-12-15 23:54 ` Kevin OConnor
2009-12-16 0:41 ` Anthony Liguori
2009-12-16 4:20 ` Kevin O'Connor
2009-12-15 9:17 ` Gerd Hoffmann
2009-12-15 10:14 ` Gerd Hoffmann
2009-12-15 19:10 ` Anthony Liguori
2009-12-16 12:03 ` Gerd Hoffmann
2009-12-16 12:39 ` Michael S. Tsirkin
2009-12-16 13:42 ` Gerd Hoffmann
2009-12-16 13:52 ` Michael S. Tsirkin
2009-12-16 14:12 ` Kevin O'Connor
2009-12-16 14:14 ` Michael S. Tsirkin
2009-12-16 14:17 ` Gleb Natapov
2009-12-16 14:15 ` Michael S. Tsirkin
2009-12-16 14:18 ` Gleb Natapov
2009-12-16 14:24 ` Michael S. Tsirkin
2009-12-16 14:28 ` Gleb Natapov
2009-12-16 14:28 ` Michael S. Tsirkin
2009-12-15 19:35 ` Anthony Liguori
2009-12-15 21:17 ` Michael S. Tsirkin
2009-12-15 21:41 ` Anthony Liguori
2009-12-16 0:33 ` Chris Wright
2009-12-16 1:32 ` Anthony Liguori
2009-12-16 4:57 ` Kevin O'Connor
2009-12-16 12:31 ` Gerd Hoffmann
2009-12-16 16:22 ` Gerd Hoffmann
2009-12-17 1:24 ` Kevin O'Connor
2009-12-17 9:45 ` Gerd Hoffmann
2009-12-17 9:50 ` Michael S. Tsirkin
2009-12-17 10:40 ` Gerd Hoffmann
2009-12-16 14:41 ` Gerd Hoffmann
2009-12-16 14:41 ` Michael S. Tsirkin
2009-12-16 14:50 ` [SeaBIOS] " Gleb Natapov
2009-12-15 13:16 ` Anthony Liguori
2009-12-15 21:24 ` Sebastian Herbszt
2009-12-15 21:31 ` Anthony Liguori
2009-12-15 21:38 ` Sebastian Herbszt
2009-12-15 22:00 ` Anthony Liguori
2009-12-17 21:14 ` Sebastian Herbszt
2009-12-16 4:29 ` Kevin O'Connor
2009-12-16 12:01 ` Gerd Hoffmann
2009-12-15 19:21 ` Anthony Liguori
2009-12-15 21:19 ` Michael S. Tsirkin
2009-12-15 21:45 ` Anthony Liguori
2009-12-15 21:52 ` Michael S. Tsirkin
2009-12-15 21:57 ` Anthony Liguori
2009-12-15 21:59 ` Michael S. Tsirkin
2009-12-15 22:26 ` Anthony Liguori
2009-12-15 22:51 ` Sebastian Herbszt
2009-12-16 14:49 ` Gerd Hoffmann
2009-12-17 20:33 ` Sebastian Herbszt
2009-12-15 10:51 ` Michael S. Tsirkin
2009-12-15 19:05 ` Anthony Liguori
2009-12-15 19:06 ` Anthony Liguori
2009-12-14 20:43 ` [Qemu-devel] Re: qdev property bug? Anthony Liguori
2009-12-14 20:50 ` Michael S. Tsirkin
2009-12-14 21:05 ` Anthony Liguori
2009-12-14 21:36 ` Sebastian Herbszt
2009-12-14 21:52 ` Anthony Liguori
2009-12-14 22:14 ` Sebastian Herbszt
2009-12-15 4:23 ` Kevin O'Connor
2009-12-14 20:47 ` Sebastian Herbszt
2009-12-14 20:56 ` Anthony Liguori
2009-12-14 20:38 ` Sebastian Herbszt
2009-12-14 19:51 ` Sebastian Herbszt
2009-12-14 14:22 ` Anthony Liguori
2009-12-14 17:03 ` Glauber Costa
2009-12-14 17:01 ` Glauber Costa
2009-12-14 14:10 ` Anthony Liguori
2009-12-14 14:52 ` Gerd Hoffmann
2009-12-14 14:54 ` Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20091214202019.GF6150@redhat.com \
--to=mst@redhat.com \
--cc=agraf@suse.de \
--cc=anthony@codemonkey.ws \
--cc=glommer@redhat.com \
--cc=herbszt@gmx.de \
--cc=kevin@koconnor.net \
--cc=kraxel@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.