WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk Format Security Bypass

from [Ian Jackson] [Permanent Link][Original]
To: Markus Armbruster <armbru@xxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk Format Security Bypass
From: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Date: Mon, 16 Jun 2008 16:45:50 +0100
Cc: Eren Türkay <turkay.eren@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 16 Jun 2008 08:46:25 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <87tzfto0ep.fsf@xxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <200805081800.24064.turkay.eren@xxxxxxxxx> <18467.12572.126574.502777@xxxxxxxxxxxxxxxxxxxxxxxx> <20080508171255.GA31908@xxxxxxxxxx> <18467.13858.203078.97403@xxxxxxxxxxxxxxxxxxxxxxxx> <20080508172304.GB31908@xxxxxxxxxx> <18467.14318.921215.768838@xxxxxxxxxxxxxxxxxxxxxxxx> <20080508173023.GC31908@xxxxxxxxxx> <18468.29633.937355.26121@xxxxxxxxxxxxxxxxxxxxxxxx> <18473.52451.967004.377867@xxxxxxxxxxxxxxxxxxxxxxxx> <8763sw9nfx.fsf@xxxxxxxxxxxxxxxxx> <18496.793.632548.533855@xxxxxxxxxxxxxxxxxxxxxxxx> <18514.36535.961030.856448@xxxxxxxxxxxxxxxxxxxxxxxx> <87tzfto0ep.fsf@xxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
Markus Armbruster writes ("Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk 
Format Security Bypass"):
> Patch looks sane.  I backported it to F-8 and verified that:
> 
> 1. usbdevice = "disk:IMG" opens the image IMG raw regardless of file
>    contents.  Same for monitor command usb_add disk:IMG.
> 
> 2. usbdevice = "disk-qcow:IMG" opens the qcow image IMG correctly.
>    Same for monitor command usb_add disk-qcow:IMG.

Good, thanks.

> I believe monitor command change is still broken.  I tried "change fda
> IMG", with a qcow image IMG, and it was opened qcow.  But changing to
> a raw image failed; I think that feature was broken by by your
> security fix.

Yes, this is expected.  If this is a problem then we need a more
sophisticated solution.  NB that hopefully xen-unstable will acquire a
much more recent qemu shortly so there is no need to fix it right now
for xen-unstable unless it's a big problem which I think it probably
isn't given how long it's been like this now ...

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk Format Security Bypass, Markus Armbruster
Next by Date:  [Xen-devel] [PATCH] ioemu: move xenfb frontend to its own file, Samuel Thibault
Previous by Thread:  Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk Format Security Bypass, Markus Armbruster
Next by Thread:  Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk Format Security Bypass, Markus Armbruster
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy