diff options
| author | Silvio Rhatto <rhatto@riseup.net> | 2024-08-07 20:08:30 -0300 |
|---|---|---|
| committer | Silvio Rhatto <rhatto@riseup.net> | 2024-08-07 20:08:30 -0300 |
| commit | 584a352848fa2d97269b584d44f1b6118168149a (patch) | |
| tree | 52f74876e4faea0294f7bdc258591c3bef81b9ce | |
| parent | 817ac5712883e526917cddc9c5e55b95a800b2d7 (diff) | |
| download | kvmx-584a352848fa2d97269b584d44f1b6118168149a.tar.gz kvmx-584a352848fa2d97269b584d44f1b6118168149a.tar.bz2 | |
Feat: docs: more on virtio
| -rw-r--r-- | DOCS.md | 28 |
1 files changed, 21 insertions, 7 deletions
@@ -81,13 +81,7 @@ Image resize can be manually done with a procedure like this thanks to [these do ## Folder sharing -### With virtio and 9p - -* Status: works on kvmx. -* Limitations: performance is low on Linux (as of 2024-08-01), due to a - limitation in the kernel. - -#### About +### Virtio References on virtio: @@ -95,6 +89,16 @@ References on virtio: * [linux kernel - VIRTIO: How it increase performance - Stack Overflow](https://stackoverflow.com/questions/24737882/virtio-how-it-increase-performance) * [Virtual I/O Device (VIRTIO) Version 1.1](https://docs.oasis-open.org/virtio/virtio/v1.1/cs01/virtio-v1.1-cs01.html#x1-240006) +### With virtio and 9p + +* Status: works on kvmx. +* Limitations: performance is low on Linux (as of 2024-08-01), due to a + limitation in the kernel. +* Since fixes for CVE-2023-2861 were released, it's not possible anymore to set + UNIX sockets in shared folders. + +#### Details + Some references on 9p folder sharing: * [v9fs: Plan 9 Resource Sharing for Linux — The Linux Kernel documentation](https://www.kernel.org/doc/html/latest/filesystems/9p.html) @@ -102,6 +106,13 @@ Some references on 9p folder sharing: * [Documentation/9psetup - QEMU](https://wiki.qemu.org/Documentation/9psetup) * [v9fs · GitHub](https://github.com/v9fs) +Support for opening sockets was removed with fixes for CVE-2023-2861: + +* [Os boot issues on 9p filesystem due to unix domain sockets open failure (#2337) · Issues · QEMU / QEMU · GitLab](https://gitlab.com/qemu-project/qemu/-/issues/2337) +* [9pfs: prevent opening special files (CVE-2023-2861) (f6b0de53) · Commits · QEMU / QEMU · GitLab](https://gitlab.com/qemu-project/qemu/-/commit/f6b0de53fb87ddefed348a39284c8e2f28dc4eda) +* [CVE - CVE-2023-2861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2861) +* [SECURITY DLA 3759-1 qemu security update](https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html) + #### Performance Performance limitations: @@ -141,6 +152,9 @@ Patches: ### With virtiofs +* The `virtiofsd` implementation from upstream QUEMY was removed on [version + 8.0](https://wiki.qemu.org/ChangeLog/8.0), in favor of the [virtio-fs / + virtiofsd](https://gitlab.com/virtio-fs/virtiofsd) implementation. * [virtiofs - shared file system for virtual machines](https://virtio-fs.gitlab.io/) * [virtiofs - shared file system for virtual machines / Standalone usage](https://virtio-fs.gitlab.io/howto-qemu.html) * [Debian -- Details of package virtiofsd in trixie](https://packages.debian.org/trixie/virtiofsd) |