[Qemu-devel] [PATCH] 9pfs: deprecate handle backend

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH] 9pfs: deprecate handle backend

From:	Greg Kurz
Subject:	[Qemu-devel] [PATCH] 9pfs: deprecate handle backend
Date:	Mon, 18 Dec 2017 14:46:00 +0100
User-agent:	StGit/0.17.1-46-g6855-dirty

This backend raise some concerns:

- doesn't support symlinks
- fails +100 tests in the PJD POSIX file system test suite [1]
- requires the QEMU process to run with the CAP_DAC_READ_SEARCH
  capability, which isn't recommended for security reasons

For all these reasons, the handle backend is now deprecated.

[1] https://www.tuxera.com/community/posix-test-suite/

Signed-off-by: Greg Kurz <address@hidden>
---

Aneesh,

Even if I see the benefit of using file handles in a userspace file
server, the handle backend still has flaws that make it hardly usable
IMHO. Also I haven't received anything about it in years. All users
and contributors seem to stick to the local backend.

My guess is that nobody uses the handle backend, and unless I'm missing
something, it wouldn't hurt to drop it. My motivation is to reduce the
number of lines that I don't really have time/motivation to maintain,
and that could be subject to a CVE in the future.

Any thoughts ?
---
 hw/9pfs/9p-handle.c |    2 ++
 qemu-doc.texi       |    8 ++++++++
 2 files changed, 10 insertions(+)

diff --git a/hw/9pfs/9p-handle.c b/hw/9pfs/9p-handle.c
index 9875f1894cc5..1291a2db6782 100644
--- a/hw/9pfs/9p-handle.c
+++ b/hw/9pfs/9p-handle.c
@@ -657,6 +657,8 @@ static int handle_parse_opts(QemuOpts *opts, struct 
FsDriverEntry *fse)
     const char *sec_model = qemu_opt_get(opts, "security_model");
     const char *path = qemu_opt_get(opts, "path");
 
+    warn_report("handle backend is deprecated");
+
     if (sec_model) {
         error_report("Invalid argument security_model specified with handle 
fsdriver");
         return -1;
diff --git a/qemu-doc.texi b/qemu-doc.texi
index f7317dfc66cd..bf44e2752cb2 100644
--- a/qemu-doc.texi
+++ b/qemu-doc.texi
@@ -2509,6 +2509,14 @@ default channel subsystem image for guests that do not 
support multiple
 channel subsystems, all devices can be put into the default channel
 subsystem image.
 
address@hidden -fsdev handle (since 2.12.0)
+
+The ``handle'' fsdev backend does not support symlinks and causes the 9p
+filesystem in the guest to fail a fair amount of tests from the PJD POSIX
+filesystem test suite. Also it requires the CAP_DAC_READ_SEARCH capability,
+which is not the recommended way to run QEMU. This backend should not be
+used and it will be removed with no replacement.
+
 @section qemu-img command line arguments
 
 @subsection convert -s (since 2.0.0)

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH] 9pfs: deprecate handle backend, Greg Kurz <=
- Re: [Qemu-devel] [PATCH] 9pfs: deprecate handle backend, Daniel P. Berrange, 2017/12/18
  - Re: [Qemu-devel] [PATCH] 9pfs: deprecate handle backend, Greg Kurz, 2017/12/18

Prev by Date: Re: [Qemu-devel] [PATCH v2 4/5] s390-ccw: interactive boot menu for eckd dasd
Next by Date: Re: [Qemu-devel] [virtio-dev] Re: [v22 1/2] virtio-crypto: Add virtio crypto device specification
Previous by thread: [Qemu-devel] [PATCH 1/3] input: add missing JIS keys to virtio input
Next by thread: Re: [Qemu-devel] [PATCH] 9pfs: deprecate handle backend
Index(es):
- Date
- Thread