]> gitweb.fluxo.info Git - kvmx.git/commitdiff
projects / kvmx.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 817ac57)
Feat: docs: more on virtio
authorSilvio Rhatto <rhatto@riseup.net>
Wed, 7 Aug 2024 23:08:30 +0000 (20:08 -0300)
committerSilvio Rhatto <rhatto@riseup.net>
Wed, 7 Aug 2024 23:08:30 +0000 (20:08 -0300)
DOCS.md patch | blob | history

diff --git a/DOCS.md b/DOCS.md
index 08b3bc4e33fb9cbe433a6a792f3b394232c4650a..b2c1e2eae3a320948d281fcf135c2bfbe365897b 100644 (file)
--- a/DOCS.md
+++ b/DOCS.md
@@ -81,13 +81,7 @@ Image resize can be manually done with a procedure like this thanks to [these do
 
 ## Folder sharing
 
-### With virtio and 9p
-
-* Status: works on kvmx.
-* Limitations: performance is low on Linux (as of 2024-08-01), due to a
-  limitation in the kernel.
-
-#### About
+### Virtio
 
 References on virtio:
 
@@ -95,6 +89,16 @@ References on virtio:
   * [linux kernel - VIRTIO: How it increase performance - Stack Overflow](https://stackoverflow.com/questions/24737882/virtio-how-it-increase-performance)
       * [Virtual I/O Device (VIRTIO) Version 1.1](https://docs.oasis-open.org/virtio/virtio/v1.1/cs01/virtio-v1.1-cs01.html#x1-240006)
 
+### With virtio and 9p
+
+* Status: works on kvmx.
+* Limitations: performance is low on Linux (as of 2024-08-01), due to a
+  limitation in the kernel.
+* Since fixes for CVE-2023-2861 were released, it's not possible anymore to set
+  UNIX sockets in shared folders.
+
+#### Details
+
 Some references on 9p folder sharing:
 
 * [v9fs: Plan 9 Resource Sharing for Linux — The Linux Kernel documentation](https://www.kernel.org/doc/html/latest/filesystems/9p.html)
@@ -102,6 +106,13 @@ Some references on 9p folder sharing:
   * [Documentation/9psetup - QEMU](https://wiki.qemu.org/Documentation/9psetup)
   * [v9fs · GitHub](https://github.com/v9fs)
 
+Support for opening sockets was removed with fixes for CVE-2023-2861:
+
+* [Os boot issues on 9p filesystem due to unix domain sockets open failure (#2337) · Issues · QEMU / QEMU · GitLab](https://gitlab.com/qemu-project/qemu/-/issues/2337)
+* [9pfs: prevent opening special files (CVE-2023-2861) (f6b0de53) · Commits · QEMU / QEMU · GitLab](https://gitlab.com/qemu-project/qemu/-/commit/f6b0de53fb87ddefed348a39284c8e2f28dc4eda)
+* [CVE - CVE-2023-2861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2861)
+* [SECURITY DLA 3759-1 qemu security update](https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html)
+
 #### Performance
 
 Performance limitations:
@@ -141,6 +152,9 @@ Patches:
 
 ### With virtiofs
 
+* The `virtiofsd` implementation from upstream QUEMY was removed on [version
+  8.0](https://wiki.qemu.org/ChangeLog/8.0), in favor of the [virtio-fs /
+  virtiofsd](https://gitlab.com/virtio-fs/virtiofsd) implementation.
 * [virtiofs - shared file system for virtual machines](https://virtio-fs.gitlab.io/)
   * [virtiofs - shared file system for virtual machines / Standalone usage](https://virtio-fs.gitlab.io/howto-qemu.html)
     * [Debian -- Details of package virtiofsd in trixie](https://packages.debian.org/trixie/virtiofsd)
Virtual Machine Manager