From: Andrew Cooper <andrew.cooper3@citrix.com>
To: xen-devel@lists.xen.org
Subject: Re: [PATCH v10 01/10] tools: Add vga=vmware
Date: Wed, 20 May 2015 23:52:32 +0100 [thread overview]
Message-ID: <555D1030.2020001@citrix.com> (raw)
In-Reply-To: <555CC717.4010409@one.verizon.com>
On 20/05/2015 18:40, Don Slutz wrote:
> On 05/15/15 04:49, Ian Campbell wrote:
>> On Fri, 2015-05-15 at 00:42 +0100, Andrew Cooper wrote:
>>> On 15/05/2015 00:34, Don Slutz wrote:
>>>> This allows use of QEMU's VMware emulated video card
>>>>
>>>> Signed-off-by: Don Slutz <dslutz@verizon.com>
>>> Nack.
>>>
>>> Qemu-trad is currently has remote code execution vulnerabilities in its
>>> vmware vga model. CVE-2014-3689 amongst others.
>> Maybe we should only be exposing this new functionality with the
>> qemu-upstream model?
>>
>> In general we've not been taking new development to -trad for some time.
>>
> I plan to go with the prevent usage of vga=vmware in
> device_model_version=qemu-xen-traditional
>
> -Don Slutz
That is perfectly fine from my point of view. (All I care about is not
exposing known RCEs)
~Andrew
next prev parent reply other threads:[~2015-05-20 22:52 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-14 23:34 [PATCH v10 00/10] Xen VMware tools support Don Slutz
2015-05-14 23:34 ` [PATCH v10 01/10] tools: Add vga=vmware Don Slutz
2015-05-14 23:42 ` Andrew Cooper
2015-05-14 23:55 ` Don Slutz
2015-05-15 8:49 ` Ian Campbell
2015-05-20 17:40 ` Don Slutz
2015-05-20 22:52 ` Andrew Cooper [this message]
2015-05-14 23:34 ` [PATCH v10 02/10] xen: Add support for VMware cpuid leaves Don Slutz
2015-05-19 20:02 ` Andrew Cooper
2015-05-20 8:03 ` Julien Grall
2015-05-20 18:14 ` Don Slutz
2015-05-20 17:48 ` Don Slutz
2015-05-14 23:34 ` [PATCH v10 03/10] tools: Add vmware_hwver support Don Slutz
2015-05-14 23:34 ` [PATCH v10 04/10] vmware: Add VMware provided include file Don Slutz
2015-05-14 23:34 ` [PATCH v10 05/10] xen: Add vmware_port support Don Slutz
2015-05-19 20:23 ` Andrew Cooper
2015-05-20 17:42 ` Don Slutz
2015-05-14 23:34 ` [PATCH v10 06/10] xen: Add ring 3 " Don Slutz
2015-05-14 23:34 ` [PATCH v10 07/10] tools: Add " Don Slutz
2015-05-14 23:34 ` [PATCH v10 08/10] Add IOREQ_TYPE_VMWARE_PORT Don Slutz
2015-05-14 23:34 ` [PATCH v10 09/10] Add xentrace to vmware_port Don Slutz
2015-05-14 23:34 ` [PATCH v10 10/10] test_x86_emulator.c: Add tests for #GP usage Don Slutz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=555D1030.2020001@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).