[Qemu-devel] [PATCH v3 0/2] security.rst: add Security Guide to developer docs

Stefan Hajnoczi posted 2 patches 4 years, 10 months ago
Test docker-mingw@fedora passed
Test asan passed
Test docker-clang@ubuntu passed
Test checkpatch passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20190509121820.16294-1-stefanha@redhat.com
Makefile                               |   2 +-
docs/devel/index.rst                   |   1 +
docs/devel/secure-coding-practices.rst | 106 ++++++++++++++++++++
docs/security.texi                     | 131 +++++++++++++++++++++++++
qemu-doc.texi                          |   3 +
5 files changed, 242 insertions(+), 1 deletion(-)
create mode 100644 docs/devel/secure-coding-practices.rst
create mode 100644 docs/security.texi
[Qemu-devel] [PATCH v3 0/2] security.rst: add Security Guide to developer docs
Posted by Stefan Hajnoczi 4 years, 10 months ago
v3:
 * Split into security.texi for qemu-doc and secure-coding-practices.rst for
   the developer documentation [danpb]
 * Mentioned that QEMU can be started as non-root using UNIX groups on
   /dev/kvm, /dev/net/tun, etc [Alex Bennee]
 * Kept Acked-by and Reviewed-by since the v3 changes are minor
v2:
 * Added mention of passthrough USB and PCI devices [philmd]
 * Reworded resource limits [philmd]
 * Added qemu_log_mask(LOG_GUEST_ERROR) [philmd]

At KVM Forum 2018 I gave a presentation on security in QEMU:
https://www.youtube.com/watch?v=YAdRf_hwxU8 (video)
https://vmsplice.net/~stefan/stefanha-kvm-forum-2018.pdf (slides)

This patch series extends the QEMU documentation to cover security topics,
though this is just the beginning and we could flesh it out more in the future.

Stefan Hajnoczi (2):
  docs: add Secure Coding Practices to developer docs
  docs: add Security chapter to the documentation

 Makefile                               |   2 +-
 docs/devel/index.rst                   |   1 +
 docs/devel/secure-coding-practices.rst | 106 ++++++++++++++++++++
 docs/security.texi                     | 131 +++++++++++++++++++++++++
 qemu-doc.texi                          |   3 +
 5 files changed, 242 insertions(+), 1 deletion(-)
 create mode 100644 docs/devel/secure-coding-practices.rst
 create mode 100644 docs/security.texi

-- 
2.21.0


Re: [Qemu-devel] [PATCH v3 0/2] security.rst: add Security Guide to developer docs
Posted by Stefan Hajnoczi 4 years, 10 months ago
On Thu, May 09, 2019 at 01:18:18PM +0100, Stefan Hajnoczi wrote:
> v3:
>  * Split into security.texi for qemu-doc and secure-coding-practices.rst for
>    the developer documentation [danpb]
>  * Mentioned that QEMU can be started as non-root using UNIX groups on
>    /dev/kvm, /dev/net/tun, etc [Alex Bennee]
>  * Kept Acked-by and Reviewed-by since the v3 changes are minor
> v2:
>  * Added mention of passthrough USB and PCI devices [philmd]
>  * Reworded resource limits [philmd]
>  * Added qemu_log_mask(LOG_GUEST_ERROR) [philmd]
> 
> At KVM Forum 2018 I gave a presentation on security in QEMU:
> https://www.youtube.com/watch?v=YAdRf_hwxU8 (video)
> https://vmsplice.net/~stefan/stefanha-kvm-forum-2018.pdf (slides)
> 
> This patch series extends the QEMU documentation to cover security topics,
> though this is just the beginning and we could flesh it out more in the future.
> 
> Stefan Hajnoczi (2):
>   docs: add Secure Coding Practices to developer docs
>   docs: add Security chapter to the documentation
> 
>  Makefile                               |   2 +-
>  docs/devel/index.rst                   |   1 +
>  docs/devel/secure-coding-practices.rst | 106 ++++++++++++++++++++
>  docs/security.texi                     | 131 +++++++++++++++++++++++++
>  qemu-doc.texi                          |   3 +
>  5 files changed, 242 insertions(+), 1 deletion(-)
>  create mode 100644 docs/devel/secure-coding-practices.rst
>  create mode 100644 docs/security.texi
> 
> -- 
> 2.21.0
> 

Thanks, applied to my block tree:
https://github.com/stefanha/qemu/commits/block

Stefan