Message-ID: <1278624583.12109.15.camel@localhost.localdomain>
Date:	Thu, 8 Jul 2010 22:29:43 +0100
From:	Ian Campbell <Ian.Campbell@...rix.com>
To:	"ddutile@...hat.com" <ddutile@...hat.com>
CC:	Stefano Stabellini <Stefano.Stabellini@...citrix.com>,
	"jeremy@...p.org" <jeremy@...p.org>,
	"xen-devel@...ts.xensource.com" <xen-devel@...ts.xensource.com>,
	"stefano@...bellini.net" <stefano@...bellini.net>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"sheng@...ux.intel.com" <sheng@...ux.intel.com>
Subject: Re: [Xen-devel] Re: [PATCH 12/13] Unplug emulated disks and nics

On Thu, 2010-07-08 at 20:57 +0100, Don Dutile wrote:
> I guess what I'm wondering is why not set xen_emul_unplug to ignore by
> default (static int xen_emul_unplug=XEN_UNPLUG_IGNORE), which handles
> the case I mentioned (just take existing guest config file as is, no edits,
> pre-pv-hvm added to guest kernel),  and if person edits config file to 
> change boot device to xvda, they would then edit the config to add
> -x xen_emul_unplug=[all|ide-disks|...]  as well.

Can you guarantee that nobody is running an HVM guest today with a
configuration file that specifies xvda (I believe it would work)? In
other words can you be sure that defaulting to XEN_UNPLUG_IGNORE is
_always_ going to be safe? Not just on RHEL hosts and with
configurations generated by the RH tools or according to the RH docs but
on any host with any (possibly hand-crafted) configuration?

Any guest which uses xvda in its configuration file today will be using
emulated devices, but I think that with Stefano's patch and your proposed
change in default, on a Xen system without support for unplug it will start
using PV devices without unplugging the emulated ones first.

I don't think there is any way for a guest running on a platform which
does not support the unplug protocol to know automatically if it is safe
to use the PV devices or not, therefore we have to err on the side of
caution and ask users with such systems who know that their
configuration is safe to explicitly request PV devices by using the
command line option. Doing anything else is taking risks with people's
data.

Ian.

