From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MOI6p-0004Mo-0o
	for qemu-devel@nongnu.org; Tue, 07 Jul 2009 17:21:51 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MOI6o-0004MQ-Lw
	for qemu-devel@nongnu.org; Tue, 07 Jul 2009 17:21:50 -0400
Received: from [199.232.76.173] (port=57549 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MOI6o-0004MC-90
	for qemu-devel@nongnu.org; Tue, 07 Jul 2009 17:21:50 -0400
Received: from ey-out-2122.google.com ([74.125.78.24]:14418)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <bique.alexandre@gmail.com>) id 1MOI6n-00071J-Uk
	for qemu-devel@nongnu.org; Tue, 07 Jul 2009 17:21:50 -0400
Received: by ey-out-2122.google.com with SMTP id 22so1176151eye.57
	for <qemu-devel@nongnu.org>; Tue, 07 Jul 2009 14:21:48 -0700 (PDT)
MIME-Version: 1.0
In-Reply-To: <20090707200327.GA3902@miranda.arrow>
References: <200907011931.53521.alexandre.bique@citrix.com>
	<20090707200327.GA3902@miranda.arrow>
From: Alexandre Bique <bique.alexandre@gmail.com>
Date: Tue, 7 Jul 2009 21:21:28 +0000
Message-ID: <5d3bb3090907071421i506a2f0bh5aca170c35a26f62@mail.gmail.com>
Subject: Re: [Qemu-devel] [PATCH 0/5] ATAPI pass through v2
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Stuart Brady <sdbrady@ntlworld.com>
Cc: qemu-devel@nongnu.org

Hi Stuart Brady,

On Tue, Jul 7, 2009 at 8:03 PM, Stuart Brady<sdbrady@ntlworld.com> wrote:
> On Wed, Jul 01, 2009 at 07:31:53PM +0100, Bique Alexandre wrote:
>> I updated my patch according to your previous comments.
>>
>> Changes from my previous version:
>> =C2=A0- split the big patch in 5 patches.
>> =C2=A0- not exporting any private structure
>> =C2=A0- switched to SG_IO and brdv_aio_ioctl()
>> =C2=A0- not including linux/cdrom.h or linux/bsg.h
>> =C2=A0- got some stuff like defines and request_sense structure from lin=
ux/cdrom.h
>
> Forgive my ignorance, but does ATAPI passthrough have any security
> implications that should be documented?

The patch doesn't introduce any resource allocation so it will be
difficult to bomb qemu with the ATAPI pass through code.
There is one command to update the firmware of the device. This one is bloc=
ked.
The security issue is the same as giving the device (+rw) to a user on
the system.

> I expect that running qemu as root counts as a 'bad idea' (I gather
> that commands are filtered when running as a regular user), but even so,
> I wonder if guests should be prevented from performing firmware updates?
Yeps.

> Obviously, the same questions would apply for SCSI passthrough...

Regards,

--=20
Alexandre Bique