From: Jan Kiszka <jan.kiszka@web.de>
To: qemu-devel@nongnu.org
Subject: [Qemu-devel] Re: [PATCH 0/9] encryption code changes
Date: Fri, 06 Feb 2009 22:57:15 +0100 [thread overview]
Message-ID: <498CB23B.4020209@web.de> (raw)
In-Reply-To: <1233954540-4754-1-git-send-email-ehabkost@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 1114 bytes --]
Eduardo Habkost wrote:
> Hi,
>
> This patch series for qemu contain multiple changes on the way encryption
> and authentication code is handled.
>
> The first patch is a behaviour change to avoid silent security holes on
> the VNC server caused by user configuration errors.
>
> Patches 2 and 3 are bugfixes to some of the multiple problems
> I had with monitor_readline(), when testing the qcow encryption
> support. monitor_readline() is still not completely functional, but
> at least it allows the qcow password to be read when an qcow encrypted
> image is specified on the command-line, now.
Don't worry about monitor and readline, I'm reworking it ATM, hope being
able to post the result by the end of this WE.
It's true there are more fundamental things broken (VM is blocked while
reading passwords, console mux'ing is clumsy), and some things are still
broken even with your patches (mounting encrypted USB disks on startup,
reading passwords from virtual consoles). Sigh, this all looked trivial
to get right on first sight but turned out to be _much_ more freaky...
Jan
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 257 bytes --]
next prev parent reply other threads:[~2009-02-06 21:57 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-02-06 21:08 [Qemu-devel] [PATCH 0/9] encryption code changes Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 1/9] vnc: abort on unknown options Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 2/9] drive_init: Don't try to read passwords before monitor setup Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 3/9] monitor_readline: poll pending bottom halves before readline_start() Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 4/9] qcow: define QCOW_CRYPT_MAX Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 5/9] qcow: make encryption support optional Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 6/9] vnc: make DES-challenge authentication (aka "VNC auth") optional Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 7/9] configure: add check for libgcrypt Eduardo Habkost
2009-02-06 21:08 ` [Qemu-devel] [PATCH 8/9] qcow: use libgcrypt AES implementation Eduardo Habkost
2009-02-06 21:09 ` [Qemu-devel] [PATCH 9/9] vnc: use libgcrypt for DES-challenge authentication Eduardo Habkost
2009-02-06 21:57 ` Jan Kiszka [this message]
2009-02-06 23:43 ` [Qemu-devel] [PATCH 0/9] encryption code changes Anthony Liguori
2009-02-07 11:06 ` Daniel P. Berrange
2009-02-09 20:57 ` Eduardo Habkost
2009-02-07 11:00 ` Daniel P. Berrange
2009-02-14 22:23 ` Anthony Liguori
2009-02-18 23:57 ` Eduardo Habkost
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=498CB23B.4020209@web.de \
--to=jan.kiszka@web.de \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).