aboutsummaryrefslogtreecommitdiff
path: root/DOCS.md
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2024-08-07 20:08:30 -0300
committerSilvio Rhatto <rhatto@riseup.net>2024-08-07 20:08:30 -0300
commit584a352848fa2d97269b584d44f1b6118168149a (patch)
tree52f74876e4faea0294f7bdc258591c3bef81b9ce /DOCS.md
parent817ac5712883e526917cddc9c5e55b95a800b2d7 (diff)
downloadkvmx-584a352848fa2d97269b584d44f1b6118168149a.tar.gz
kvmx-584a352848fa2d97269b584d44f1b6118168149a.tar.bz2
Feat: docs: more on virtio
Diffstat (limited to 'DOCS.md')
-rw-r--r--DOCS.md28
1 files changed, 21 insertions, 7 deletions
diff --git a/DOCS.md b/DOCS.md
index 08b3bc4..b2c1e2e 100644
--- a/DOCS.md
+++ b/DOCS.md
@@ -81,13 +81,7 @@ Image resize can be manually done with a procedure like this thanks to [these do
## Folder sharing
-### With virtio and 9p
-
-* Status: works on kvmx.
-* Limitations: performance is low on Linux (as of 2024-08-01), due to a
- limitation in the kernel.
-
-#### About
+### Virtio
References on virtio:
@@ -95,6 +89,16 @@ References on virtio:
* [linux kernel - VIRTIO: How it increase performance - Stack Overflow](https://stackoverflow.com/questions/24737882/virtio-how-it-increase-performance)
* [Virtual I/O Device (VIRTIO) Version 1.1](https://docs.oasis-open.org/virtio/virtio/v1.1/cs01/virtio-v1.1-cs01.html#x1-240006)
+### With virtio and 9p
+
+* Status: works on kvmx.
+* Limitations: performance is low on Linux (as of 2024-08-01), due to a
+ limitation in the kernel.
+* Since fixes for CVE-2023-2861 were released, it's not possible anymore to set
+ UNIX sockets in shared folders.
+
+#### Details
+
Some references on 9p folder sharing:
* [v9fs: Plan 9 Resource Sharing for Linux — The Linux Kernel documentation](https://www.kernel.org/doc/html/latest/filesystems/9p.html)
@@ -102,6 +106,13 @@ Some references on 9p folder sharing:
* [Documentation/9psetup - QEMU](https://wiki.qemu.org/Documentation/9psetup)
* [v9fs · GitHub](https://github.com/v9fs)
+Support for opening sockets was removed with fixes for CVE-2023-2861:
+
+* [Os boot issues on 9p filesystem due to unix domain sockets open failure (#2337) · Issues · QEMU / QEMU · GitLab](https://gitlab.com/qemu-project/qemu/-/issues/2337)
+* [9pfs: prevent opening special files (CVE-2023-2861) (f6b0de53) · Commits · QEMU / QEMU · GitLab](https://gitlab.com/qemu-project/qemu/-/commit/f6b0de53fb87ddefed348a39284c8e2f28dc4eda)
+* [CVE - CVE-2023-2861](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2861)
+* [SECURITY DLA 3759-1 qemu security update](https://lists.debian.org/debian-lts-announce/2024/03/msg00012.html)
+
#### Performance
Performance limitations:
@@ -141,6 +152,9 @@ Patches:
### With virtiofs
+* The `virtiofsd` implementation from upstream QUEMY was removed on [version
+ 8.0](https://wiki.qemu.org/ChangeLog/8.0), in favor of the [virtio-fs /
+ virtiofsd](https://gitlab.com/virtio-fs/virtiofsd) implementation.
* [virtiofs - shared file system for virtual machines](https://virtio-fs.gitlab.io/)
* [virtiofs - shared file system for virtual machines / Standalone usage](https://virtio-fs.gitlab.io/howto-qemu.html)
* [Debian -- Details of package virtiofsd in trixie](https://packages.debian.org/trixie/virtiofsd)