qemu-devel.nongnu.org archive mirror
From: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>
To: Anthony Liguori <anthony@codemonkey.ws>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>,
	qemu-devel@nongnu.org,
	Bique Alexandre <bique.alexandre@gmail.com>
Subject: Re: [Qemu-devel] [PATCH 0/7] ATAPI CDROM passthrough v5
Date: Sat, 29 Aug 2009 23:10:42 +0200
Message-ID: <4A999952.1030505@gmx.net>
In-Reply-To: <4A99946F.9040307@codemonkey.ws>

On 29.08.2009 22:49, Anthony Liguori wrote:
> Carl-Daniel Hailfinger wrote:
>> On 28.08.2009 22:21, Bique Alexandre wrote:
>>  
>>> On Wednesday 12 August 2009 17:18:13 Ian Jackson wrote:
>>>      
>>>>> Also, I think Paul and I both requested that fw upgrade not be
>>>>> disabled by default.
>>>>>               
>>>> As previously discussed I think this is a mistake, but it's a decision
>>>> for qemu upstream to make so I have changed this. 
>>
>> Anyone up for writing a security advisory about this?
>
> Eh?
>
> If you do hardware passthrough, the guest can mess up the device. 
> This is always going to be true and it's a security problem IMHO to
> make the user think anything other than that.

The guest can also mess up other devices with the help of specially
crafted firmware. So even if the user does not care about the effects on
a particular device, a firmware upgrade might affect other devices
(which are not used by Qemu in any way) as well. As a result, this is
essentially a "break out of qemu or DoS the machine under certain
conditions" feature. If that particular side effect / feature is
documented, users who read the documentation won't get any nasty surprises.
If that's what you intended to say, I apologize for the misunderstanding.

Regards,
Carl-Daniel

> Regards,
>
> Anthony Liguori
