[Libguestfs] [PATCH] lib: direct: Remove support for virtio-blk as the default.

Richard W.M. Jones rjones at redhat.com
Thu Apr 20 13:35:24 UTC 2017


On Thu, Apr 20, 2017 at 02:27:45PM +0200, Pino Toscano wrote:
> On Wednesday, 19 April 2017 12:00:17 CEST Richard W.M. Jones wrote:
> > virtio-scsi has been supported in qemu since 2012, and it is superior
> > in every respect to virtio-blk.  There's no reason to still be using
> > virtio-blk.
> > 
> > virtio-scsi support was initially added in 2012
> > (commit 0c0a7d0d868d153adf0600189f771459e1068b0a).
> > 
> > You can still use virtio-blk using the (deprecated) iface parameter,
> > but don't do that in new code.
> > ---
> 
> LGTM, just one note below.
> 
> >    /* CVE-2011-4127 mitigation: Disable SCSI ioctls on virtio-blk
> > -   * devices.  The -global option must exist, but you can pass any
> > -   * strings to it so we don't need to check for the specific virtio
> > -   * feature.
> > +   * devices.
> >     */
> > -  if (guestfs_int_qemu_supports (g, data->qemu_data, "-global")) {
> > -    ADD_CMDLINE ("-global");
> > -    ADD_CMDLINE (VIRTIO_BLK ".scsi=off");
> > -  }
> > +  ADD_CMDLINE ("-global");
> > +  ADD_CMDLINE (VIRTIO_BLK ".scsi=off");
> 
> Before them, a "safety" check like the (untested) following could be
> added:
> 
>   if (guestfs_int_qemu_supports_device (g, data, VIRTIO_SCSI) != 1) {
>     error (g, _("QEMU with virtio-scsi support is required"));
>     goto cleanup0;
>   }

I wonder if there's a case where virtio-scsi wouldn't be available.

I'm thinking if qemu modularized more hardware?

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html




More information about the Libguestfs mailing list