[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [xen staging] SUPPORT.md: Desupport qemu trad except stub dm
commit 8587160b3e2951b722d395a0346bb17c3c22152f Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> AuthorDate: Wed Aug 19 18:31:45 2020 +0100 Commit: Jan Beulich <jbeulich@xxxxxxxx> CommitDate: Wed Nov 4 09:22:37 2020 +0100 SUPPORT.md: Desupport qemu trad except stub dm While investigating XSA-335 we discovered that many upstream security fixes were missing. It is not practical to backport them. There is no good reason to be running this very ancient version of qemu, except that it is the only way to run a stub dm which is currently supported by upstream. Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx> --- SUPPORT.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/SUPPORT.md b/SUPPORT.md index 88d4bc7384..ab02aca5f4 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -767,6 +767,21 @@ See the section **Blkback** for image formats supported by QEMU. Status: Supported, not security supported +### qemu-xen-traditional ### + +The Xen Project provides an old version of qemu with modifications +which enable use as a device model stub domain. The old version is +normally selected by default only in a stub dm configuration, but it +can be requested explicitly in other configurations, for example in +`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`. + + Status, Device Model Stub Domains: Supported, with caveats + Status, as host process device model: No security support, not recommended + +qemu-xen-traditional is security supported only for those available +devices which are supported for mainstream QEMU (see above), with +trusted driver domains (see Device Model Stub Domains). + ## Virtual Firmware ### x86/HVM iPXE -- generated by git-patchbot for /home/xen/git/xen.git#staging
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |