diff options
| author | Christian Schoenebeck <qemu_oss@crudebyte.com> | 2023-06-26 13:49:06 +0200 |
|---|---|---|
| committer | Christian Schoenebeck <qemu_oss@crudebyte.com> | 2023-07-06 11:42:08 +0200 |
| commit | 71d72ececa086114df80fe4cc04d701b59002eb2 (patch) | |
| tree | 13d1c72b2f6bc3ca59c2ec293107a1e503c0d44c /fsdev | |
| parent | 0618e72d64e434dd6f1bc38b107670474c49fb86 (diff) | |
9pfs: deprecate 'proxy' backend
As recent CVE-2023-2861 (fixed by f6b0de53fb) once again showed, the 9p
'proxy' fs driver is in bad shape. Using the 'proxy' backend was already
discouraged for safety reasons before and we recommended to use the
'local' backend (preferably in conjunction with its 'mapped' security
model) instead, but now it is time to officially deprecate the 'proxy'
backend.
Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Reviewed-by: Greg Kurz <groug@kaod.org>
Message-Id: <E1qDkmw-0007M1-8f@lizzy.crudebyte.com>
Diffstat (limited to 'fsdev')
| -rw-r--r-- | fsdev/qemu-fsdev.c | 8 | ||||
| -rw-r--r-- | fsdev/virtfs-proxy-helper.c | 9 |
2 files changed, 17 insertions, 0 deletions
diff --git a/fsdev/qemu-fsdev.c b/fsdev/qemu-fsdev.c index 3da64e9f72..f5c953a710 100644 --- a/fsdev/qemu-fsdev.c +++ b/fsdev/qemu-fsdev.c @@ -133,6 +133,14 @@ int qemu_fsdev_add(QemuOpts *opts, Error **errp) } if (fsdriver) { + if (strncmp(fsdriver, "proxy", 5) == 0) { + warn_report( + "'-fsdev proxy' and '-virtfs proxy' are deprecated, use " + "'local' instead of 'proxy, or consider deploying virtiofsd " + "as alternative to 9p" + ); + } + for (i = 0; i < ARRAY_SIZE(FsDrivers); i++) { if (strcmp(FsDrivers[i].name, fsdriver) == 0) { break; diff --git a/fsdev/virtfs-proxy-helper.c b/fsdev/virtfs-proxy-helper.c index d9511f429c..144aaf585a 100644 --- a/fsdev/virtfs-proxy-helper.c +++ b/fsdev/virtfs-proxy-helper.c @@ -9,6 +9,11 @@ * the COPYING file in the top-level directory. */ +/* + * NOTE: The 9p 'proxy' backend is deprecated (since QEMU 8.1) and will be + * removed in a future version of QEMU! + */ + #include "qemu/osdep.h" #include <glib/gstdio.h> #include <sys/resource.h> @@ -1057,6 +1062,10 @@ int main(int argc, char **argv) struct statfs st_fs; #endif + fprintf(stderr, "NOTE: The 9p 'proxy' backend is deprecated (since " + "QEMU 8.1) and will be removed in a future version of " + "QEMU!\n"); + prog_name = g_path_get_basename(argv[0]); is_daemon = true; |