[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 0/2] qemu: add new disk type='lun' for bus='virtio'

On 12/22/2011 11:39 AM, Laine Stump wrote:
> These two patches are in response to CVE-2011-4127:
>   http://seclists.org/oss-sec/2011/q4/536
> Once the kernel security fix and corresponding qemu mitigation patch
> are in place, access to SG_IO commands from qemu guests will be
> disabled by default. This patch series provides a way to explicitly
> enable such support when it is required.

Given that this helps mitigate a CVE, I think we want to include this in
0.9.9 (another reason for an rc2 build shortly).  I'll go ahead and
review these patches, but I'm still not sure whether we have consensus
on whether to use type='lun' or device='lun'.

Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]