From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:55599)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1W36DM-0003jI-08
	for qemu-devel@nongnu.org; Tue, 14 Jan 2014 10:47:44 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1W36DG-0000pq-0t
	for qemu-devel@nongnu.org; Tue, 14 Jan 2014 10:47:39 -0500
Received: from mx1.redhat.com ([209.132.183.28]:61236)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <berrange@redhat.com>) id 1W36DF-0000pm-NM
	for qemu-devel@nongnu.org; Tue, 14 Jan 2014 10:47:33 -0500
Date: Tue, 14 Jan 2014 15:47:18 +0000
From: "Daniel P. Berrange" <berrange@redhat.com>
Message-ID: <20140114154717.GJ15189@redhat.com>
References: <1389632394-10130-1-git-send-email-pbonzini@redhat.com>
	<1389632394-10130-7-git-send-email-pbonzini@redhat.com>
	<52D4658E.10203@twiddle.net>
	<20140114030658.GB9212@T430.nay.redhat.com>
	<52D54DFE.9090605@twiddle.net> <52D5558D.2010208@redhat.com>
	<CAFEAcA-4p_bnfEbD07HYEoMKY2xsBTHQ2oMahNWVooEdbRUA1w@mail.gmail.com>
	<52D55834.5030802@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <52D55834.5030802@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v15 6/9] module: implement module loading
Reply-To: "Daniel P. Berrange" <berrange@redhat.com>
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Peter Maydell <peter.maydell@linaro.org>, Fam Zheng <famz@redhat.com>, Michael Tokarev <mjt@tls.msk.ru>, QEMU Developers <qemu-devel@nongnu.org>, Alex Bligh <alex@alex.org.uk>, Miroslav Rezanina <mrezanin@redhat.com>, =?utf-8?B?TGx1w61z?= Vilanova <vilanova@ac.upc.edu>, Richard Henderson <rth@twiddle.net>

On Tue, Jan 14, 2014 at 04:31:00PM +0100, Paolo Bonzini wrote:
> Il 14/01/2014 16:25, Peter Maydell ha scritto:
> > I definitely think we want at least a basic molly-guard on
> > "module not compiled for this qemu"; we need not attempt
> > to make it impervious to somebody who's determined to get
> > around it, because that's impossible. Something like the
> > git hash / file hash rth proposes seems reasonable.
> 
> What about the SHA1 of configure?

On its own that is insufficiently variable but if you combined with the
version + pkgversion strings that would be more viable - assuming the
RPM build passed   '--pkgversion %{release}' to make it change on each
new build produced.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|