diff options
| author | Richard Henderson <richard.henderson@linaro.org> | 2023-07-06 18:19:42 +0100 |
|---|---|---|
| committer | Richard Henderson <richard.henderson@linaro.org> | 2023-07-06 18:19:42 +0100 |
| commit | 97c81ef4b8e203d9620fd46e7eb77004563e3675 (patch) | |
| tree | 812b1d6215f5d8dc8e43273c22b4d0e401ca54c0 /docs | |
| parent | 822cb97cefe2416ce61fe8007ad69904bbe24502 (diff) | |
| parent | 3548fa01511b4d8d19d4b187d3989b7033b733d8 (diff) | |
Merge tag 'pull-9p-20230706' of https://github.com/cschoenebeck/qemu into staging
Administrative changes only:
* Deprecate 9p 'proxy' backend.
* Raise status of 9p to 'Maintained'.
# -----BEGIN PGP SIGNATURE-----
#
# iQJLBAABCgA1FiEEltjREM96+AhPiFkBNMK1h2Wkc5UFAmSmkAsXHHFlbXVfb3Nz
# QGNydWRlYnl0ZS5jb20ACgkQNMK1h2Wkc5We1xAAol+HbhQ2zNCJUbZ2/WY3Jf0H
# K86DRQIs6w6UkL9msFz+id+tR5i50HoJ3+RnOKvy/fPqO8Rv6mb0d9r+bIG1JJCc
# ubHP91x/nyDbP0XbLMtmtCz/T4g67E11Qqriq7lH1bPF7ccU3iXHZNup9HARjOoE
# SQo9x4e7IDi1WdmM2vjvRXCh4ZLIlBv7c+2vAeP4V7FhJhDkL+1y+w6aCFw0xpd8
# lto3Egnhz6pk7+SJfQwCl3rfozHhCxlNmcNa+7vqckVFpdJrvtKOQB4cn9yVDPr/
# WjmYoB2J3MwYuZz+qAkdRJ6dUTLJb87YqJJe6lcKq0lqjiFBk7TccvIN9WgyJQd/
# eLUPCCyo98g9RCaPzjLc4MgbpCPCmqJkg8A1vJzykvq51BqJZcdkwfJ7LFmsvTSo
# IfR1Seq4OUUzTZ2gWh8wJBNcPpAbilHzQnumxBEupe0Dg/pwoQWCywTYJN6Yf/6+
# PzcK39bVFKrEyc4Z1Y/yXvAzD7nX8X78kSHvxYYEQfzruLIVQjUUQ7Mp3TiJvljk
# mLdcYqavjawgC2zmZU4L2Lx4Su7iVIkhNWj57WkfooSzLrAjueYQIJEltAt8Qmn6
# x3+u3xI/myNKujMpaqgTAU5Gk2J2UApshq5Zwe8HpnVwWoxS3QetXdA/f4AXwZOk
# TpnKPYQa7edPLSSAbAs=
# =GzjR
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu 06 Jul 2023 10:57:31 AM BST
# gpg: using RSA key 96D8D110CF7AF8084F88590134C2B58765A47395
# gpg: issuer "qemu_oss@crudebyte.com"
# gpg: Good signature from "Christian Schoenebeck <qemu_oss@crudebyte.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: ECAB 1A45 4014 1413 BA38 4926 30DB 47C3 A012 D5F4
# Subkey fingerprint: 96D8 D110 CF7A F808 4F88 5901 34C2 B587 65A4 7395
* tag 'pull-9p-20230706' of https://github.com/cschoenebeck/qemu:
MAINTAINERS: raise status of 9p to 'Maintained'
9pfs: deprecate 'proxy' backend
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/about/deprecated.rst | 23 | ||||
| -rw-r--r-- | docs/tools/virtfs-proxy-helper.rst | 3 |
2 files changed, 26 insertions, 0 deletions
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst index 0743459862..ddc1e48460 100644 --- a/docs/about/deprecated.rst +++ b/docs/about/deprecated.rst @@ -343,6 +343,29 @@ the addition of volatile memory support, it is now necessary to distinguish between persistent and volatile memory backends. As such, memdev is deprecated in favor of persistent-memdev. +``-fsdev proxy`` and ``-virtfs proxy`` (since 8.1) +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The 9p ``proxy`` filesystem backend driver has been deprecated and will be +removed (along with its proxy helper daemon) in a future version of QEMU. Please +use ``-fsdev local`` or ``-virtfs local`` for using the 9p ``local`` filesystem +backend, or alternatively consider deploying virtiofsd instead. + +The 9p ``proxy`` backend was originally developed as an alternative to the 9p +``local`` backend. The idea was to enhance security by dispatching actual low +level filesystem operations from 9p server (QEMU process) over to a separate +process (the virtfs-proxy-helper binary). However this alternative never gained +momentum. The proxy backend is much slower than the local backend, hasn't seen +any development in years, and showed to be less secure, especially due to the +fact that its helper daemon must be run as root, whereas with the local backend +QEMU is typically run as unprivileged user and allows to tighten behaviour by +mapping permissions et al by using its 'mapped' security model option. + +Nowadays it would make sense to reimplement the ``proxy`` backend by using +QEMU's ``vhost`` feature, which would eliminate the high latency costs under +which the 9p ``proxy`` backend currently suffers. However as of to date nobody +has indicated plans for such kind of reimplemention unfortunately. + Block device options '''''''''''''''''''' diff --git a/docs/tools/virtfs-proxy-helper.rst b/docs/tools/virtfs-proxy-helper.rst index 6cdeedf8e9..bd310ebb07 100644 --- a/docs/tools/virtfs-proxy-helper.rst +++ b/docs/tools/virtfs-proxy-helper.rst @@ -9,6 +9,9 @@ Synopsis Description ----------- +NOTE: The 9p 'proxy' backend is deprecated (since QEMU 8.1) and will be +removed, along with this daemon, in a future version of QEMU! + Pass-through security model in QEMU 9p server needs root privilege to do few file operations (like chown, chmod to any mode/uid:gid). There are two issues in pass-through security model: |