From: Doug Goldstein <cardoe@cardoe.com>
To: Stefano Stabellini <stefano.stabellini@eu.citrix.com>,
xen-devel@lists.xenproject.org
Cc: lars.kurth@citrix.com, Ian.Jackson@eu.citrix.com, JBeulich@suse.com
Subject: Re: [PATCH] docs: spell out limits of security support for qemu-xen
Date: Thu, 25 Feb 2016 20:52:55 -0600 [thread overview]
Message-ID: <56CFBE07.6000502@cardoe.com> (raw)
In-Reply-To: <1456415025-8364-1-git-send-email-stefano.stabellini@eu.citrix.com>
[-- Attachment #1.1: Type: text/plain, Size: 1889 bytes --]
On 2/25/16 9:43 AM, Stefano Stabellini wrote:
> +++ b/docs/misc/qemu-xen-security
> @@ -0,0 +1,20 @@
> +qemu-xen (git://xenbits.xen.org/qemu-xen.git) is only supported for
> +security fixes when used together with the Xen hypervisor and only with
> +a subset of all the possible QEMU emulators. Specifically:
So I'll get my comments on paper here rather than something just
mentioned on IRC. This is exactly why the Xen team should be pushing to
remove as many "in-tree" items as possible. The security surface area of
Xen is huge and statements like this help the CYA factor they don't
completely eliminate the problems of manpower of having to check against
different upstreams if a vulnerability affects you or downstreams doing
something bad causing a security issue for users which ultimately gets
blamed on Xen. There are then further complications where sometimes the
version shipped by Xen isn't an upstream release and so there may be
other vulnerabilities above and beyond what upstream announces.
I urge the Xen maintainers to make it a goal to remove external
libraries and applications (like qemu-xen) from the tree entirely and
recommend the use of the upstream release. I know the concern is testing
but it involves calling out your dependencies just like you do any other
dependency. (e.g. Xen X.Y requires QEMU A.B.C, no guarantees are made
about the compatibility of other versions)
I know Stefano is making an effort with this with Project Raisin and
really that should become the embraced way to stand up a "full" Xen
system from source rather than a hodge podge collection of packages that
are fetched by the Xen build system. This will bring the how developers
use the source packages closer with how many users of distros use Xen
(e.g. a number of distros use upstream QEMU releases instead of qemu-xen).
--
Doug Goldstein
[-- Attachment #1.2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 959 bytes --]
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-02-26 2:53 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-25 15:43 [PATCH] docs: spell out limits of security support for qemu-xen Stefano Stabellini
2016-02-25 15:49 ` Ian Jackson
2016-02-26 2:52 ` Doug Goldstein [this message]
2016-02-26 10:41 ` Lars Kurth
2016-02-26 11:45 ` Stefano Stabellini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56CFBE07.6000502@cardoe.com \
--to=cardoe@cardoe.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=JBeulich@suse.com \
--cc=lars.kurth@citrix.com \
--cc=stefano.stabellini@eu.citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.