[libvirt] [PATCH 0/2] qemu: add new disk type='lun' for bus='virtio'
Eric Blake
eblake at redhat.com
Mon Jan 2 14:49:56 UTC 2012
On 12/22/2011 11:39 AM, Laine Stump wrote:
>
> These two patches are in response to CVE-2011-4127:
>
> http://seclists.org/oss-sec/2011/q4/536
>
> Once the kernel security fix and corresponding qemu mitigation patch
> are in place, access to SG_IO commands from qemu guests will be
> disabled by default. This patch series provides a way to explicitly
> enable such support when it is required.
Given that this helps mitigate a CVE, I think we want to include this in
0.9.9 (another reason for an rc2 build shortly). I'll go ahead and
review these patches, but I'm still not sure whether we have consensus
on whether to use type='lun' or device='lun'.
--
Eric Blake eblake at redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 620 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20120102/a7e3175a/attachment-0001.sig>
More information about the libvir-list
mailing list