From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Stefan Hajnoczi <stefanha@gmail.com>
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
maddy@linux.vnet.ibm.com, qemu-devel@nongnu.org,
"Balamuruhan S" <bala24@linux.ibm.com>,
anju@linux.vnet.ibm.com, clg@kaod.org,
"Stefan Hajnoczi" <stefanha@redhat.com>,
hari@linux.vnet.ibm.com, pbonzini@redhat.com,
"Philippe Mathieu-Daudé" <philmd@redhat.com>,
david@gibson.dropbear.id.au
Subject: Re: [Qemu-devel] [RFC PATCH 1/6] utils/python_api: add scripting interface for Qemu with python lib
Date: Thu, 8 Aug 2019 11:53:07 +0100 [thread overview]
Message-ID: <20190808105307.GE2534@redhat.com> (raw)
In-Reply-To: <20190808101013.GD1999@stefanha-x1.localdomain>
On Thu, Aug 08, 2019 at 11:10:13AM +0100, Stefan Hajnoczi wrote:
> On Wed, Aug 07, 2019 at 12:20:47PM +0200, Philippe Mathieu-Daudé wrote:
> > > +void python_args_clean(char *args[], int nargs)
> > > +{
> > > + for (int i = 0; i < nargs; i++) {
> > > + g_free(args[i]);
> > > + }
> > > +}
> > >
> >
> > Wondering about security, is this feature safe to enable in production
> > environment? It seems to bypass all the hard effort to harden QEMU security.
>
> This seems like a feature that distros would not enable. Only users
> building QEMU from source could enable it.
Well that's true when this scripting is only used from one obscure ppc
device. Once merged though, its inevitable that people will want to
extend scripting to more & more parts of QEMU code. This is a big can
of worms...
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2019-08-08 10:53 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-07 7:14 [Qemu-devel] [RFC PATCH 0/6] Enhancing Qemu MMIO emulation with scripting interface Balamuruhan S
2019-08-07 7:14 ` [Qemu-devel] [RFC PATCH 1/6] utils/python_api: add scripting interface for Qemu with python lib Balamuruhan S
2019-08-07 10:20 ` Philippe Mathieu-Daudé
2019-08-08 10:10 ` Stefan Hajnoczi
2019-08-08 10:33 ` Philippe Mathieu-Daudé
2019-08-08 10:53 ` Daniel P. Berrangé [this message]
2019-08-09 8:46 ` Stefan Hajnoczi
2019-08-12 4:53 ` Balamuruhan S
2019-08-08 10:09 ` Stefan Hajnoczi
2019-08-11 6:39 ` Balamuruhan S
2019-08-08 10:49 ` Daniel P. Berrangé
2019-08-08 12:45 ` Philippe Mathieu-Daudé
2019-08-09 4:39 ` David Gibson
2019-08-12 4:45 ` Balamuruhan S
2019-08-07 7:14 ` [Qemu-devel] [RFC PATCH 2/6] hw/ppc/pnv_xscom: extend xscom to use python interface Balamuruhan S
2019-08-08 9:04 ` Cédric Le Goater
2019-08-07 7:14 ` [Qemu-devel] [RFC PATCH 3/6] hw/ppc/pnv_homer: add homer/occ common area emulation for PowerNV Balamuruhan S
2019-08-07 7:54 ` Cédric Le Goater
2019-08-07 10:07 ` Balamuruhan S
2019-08-08 8:32 ` Cédric Le Goater
2019-08-09 4:44 ` David Gibson
2019-08-11 6:34 ` Balamuruhan S
2019-08-07 7:14 ` [Qemu-devel] [RFC PATCH 4/6] hw/ppc/pnv: initialize and realize homer/occ common area Balamuruhan S
2019-08-07 7:59 ` Cédric Le Goater
2019-08-07 10:12 ` Balamuruhan S
2019-08-08 8:46 ` Cédric Le Goater
2019-08-09 4:45 ` David Gibson
2019-08-07 7:14 ` [Qemu-devel] [RFC PATCH 5/6] hw/ppc/pnv_xscom: retrieve homer/occ base address from PBA BARs Balamuruhan S
2019-08-07 8:01 ` Cédric Le Goater
2019-08-07 10:22 ` Balamuruhan S
2019-08-09 4:45 ` David Gibson
2019-08-07 7:14 ` [Qemu-devel] [RFC PATCH 6/6] hw/ppc/pnv_homer: add python interface support for homer/occ common area Balamuruhan S
2019-08-07 10:27 ` Philippe Mathieu-Daudé
2019-08-11 6:05 ` Balamuruhan S
2019-08-09 4:46 ` David Gibson
2019-08-11 6:19 ` Balamuruhan S
2019-08-07 7:33 ` [Qemu-devel] [RFC PATCH 0/6] Enhancing Qemu MMIO emulation with scripting interface no-reply
2019-08-07 8:15 ` Cédric Le Goater
2019-08-07 10:16 ` Balamuruhan S
2019-08-09 4:49 ` David Gibson
2019-08-12 5:07 ` Balamuruhan S
2019-08-07 8:51 ` no-reply
2019-08-07 9:18 ` no-reply
2019-08-08 10:25 ` Stefan Hajnoczi
2019-08-12 6:03 ` Balamuruhan S
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190808105307.GE2534@redhat.com \
--to=berrange@redhat.com \
--cc=anju@linux.vnet.ibm.com \
--cc=bala24@linux.ibm.com \
--cc=clg@kaod.org \
--cc=david@gibson.dropbear.id.au \
--cc=hari@linux.vnet.ibm.com \
--cc=maddy@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@gmail.com \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).