From nobody Mon Feb  9 18:44:15 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender) client-ip=192.237.175.120;
 envelope-from=xen-devel-bounces@lists.xenproject.org;
 helo=lists.xenproject.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass(p=quarantine dis=none)  header.from=suse.com
ARC-Seal: i=1; a=rsa-sha256; t=1636027457; cv=none;
	d=zohomail.com; s=zohoarc;
	b=QwiySSb8jqyHLtWiHb8uzx8rCWiNu/aX1trt56u51MxrL3RagYQMg2gPcc2QEC7jpcms9f0BhR0GEB5sV5TkHWGQXtL4KM2DP65AQwq2M70ZSea3o2WOMn0dkBFSwV+berMbK9s3CHSRLLBFGH7lwF2uv/VuYcXvuaBuKL1OhHA=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1636027457;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To;
	bh=k/v5OEykdgPDYAbYvSHlTvD3M2pDaoCL1y7adw+gtcU=;
	b=SjNJJOABWB8zvib0tKP8G7fTgMVZA4ZcCemKvbAMxMCsPL2LsS+0uqo5aPdnznWh86amb4gc0pr0QtXFM4XO7mb9OKmv5IkceDpviiWVJKGngF07tcugFxESWNE2kQj7/czlkH1MHU+n13kjZoVjkc5JymhwfxqYYWPR7jyHl3I=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of lists.xenproject.org designates
 192.237.175.120 as permitted sender)
  smtp.mailfrom=xen-devel-bounces@lists.xenproject.org;
	dmarc=pass header.from=<jgross@suse.com> (p=quarantine dis=none)
Return-Path: <xen-devel-bounces@lists.xenproject.org>
Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120])
 by mx.zohomail.com
	with SMTPS id 163602745723657.343247334250236;
 Thu, 4 Nov 2021 05:04:17 -0700 (PDT)
Received: from list by lists.xenproject.org with
 outflank-mailman.221461.383188 (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1mibSv-0001oq-0c; Thu, 04 Nov 2021 12:03:33 +0000
Received: by outflank-mailman (output) from mailman id 221461.383188;
 Thu, 04 Nov 2021 12:03:32 +0000
Received: from localhost ([127.0.0.1] helo=lists.xenproject.org)
	by lists.xenproject.org with esmtp (Exim 4.92)
	(envelope-from <xen-devel-bounces@lists.xenproject.org>)
	id 1mibSu-0001lD-OC; Thu, 04 Nov 2021 12:03:32 +0000
Received: by outflank-mailman (input) for mailman id 221461;
 Thu, 04 Nov 2021 12:03:31 +0000
Received: from se1-gles-sth1-in.inumbo.com ([159.253.27.254]
 helo=se1-gles-sth1.inumbo.com)
 by lists.xenproject.org with esmtp (Exim 4.92)
 (envelope-from <SRS0=93tI=PX=suse.com=jgross@srs-se1.protection.inumbo.net>)
 id 1mibSt-0001eN-Ic
 for xen-devel@lists.xenproject.org; Thu, 04 Nov 2021 12:03:31 +0000
Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28])
 by se1-gles-sth1.inumbo.com (Halon) with ESMTPS
 id 38eaa456-3d67-11ec-9787-a32c541c8605;
 Thu, 04 Nov 2021 13:03:29 +0100 (CET)
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de
 [192.168.254.74])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512)
 (No client certificate requested)
 by smtp-out1.suse.de (Postfix) with ESMTPS id A7E96218D5;
 Thu,  4 Nov 2021 12:03:28 +0000 (UTC)
Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de
 [192.168.254.74])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512)
 (No client certificate requested)
 by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 7D40D13C68;
 Thu,  4 Nov 2021 12:03:28 +0000 (UTC)
Received: from dovecot-director2.suse.de ([192.168.254.65])
 by imap2.suse-dmz.suse.de with ESMTPSA id uMJsHRDMg2HJfQAAMHmgww
 (envelope-from <jgross@suse.com>); Thu, 04 Nov 2021 12:03:28 +0000
X-Outflank-Mailman: Message body and most headers restored to incoming version
X-BeenThere: xen-devel@lists.xenproject.org
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Errors-To: xen-devel-bounces@lists.xenproject.org
Precedence: list
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Inumbo-ID: 38eaa456-3d67-11ec-9787-a32c541c8605
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1;
	t=1636027408;
 h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:
	 mime-version:mime-version:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=k/v5OEykdgPDYAbYvSHlTvD3M2pDaoCL1y7adw+gtcU=;
	b=Lilj/uFphU6V6ULoQp+bU8PUtpxmviLaCKSaeDfqNdLLdicbBhy6jdUbx4Bp5wUSTrkNdp
	x+5jRDbFv4iJbEOFE36EaOgCmWDPAd8SpYwwdLKTv3+pYd6/o1T14Z46/IQ8M8IFHrpN6M
	EgpK1Ac5LEAnAzv3ax25lK3xcICM1P8=
From: Juergen Gross <jgross@suse.com>
To: xen-devel@lists.xenproject.org
Cc: Juergen Gross <jgross@suse.com>,
	Ian Jackson <iwj@xenproject.org>,
	Community Manager <community.manager@xenproject.org>,
	Samuel Thibault <samuel.thibault@ens-lyon.org>,
	Wei Liu <wl@xen.org>
Subject: [PATCH-for-4.16 2/2] tools: disable building qemu-trad per default
Date: Thu,  4 Nov 2021 13:03:24 +0100
Message-Id: <20211104120324.9668-3-jgross@suse.com>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20211104120324.9668-1-jgross@suse.com>
References: <20211104120324.9668-1-jgross@suse.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-ZohoMail-DKIM: pass (identity @suse.com)
X-ZM-MESSAGEID: 1636027459594100003
Content-Type: text/plain; charset="utf-8"

Using qemu-traditional as device model is deprecated for some time now.

So change the default for building it to "disable". This will affect
ioemu-stubdom, too, as there is a direct dependency between the two.

Today it is possible to use a PVH/HVM Linux-based stubdom as device
model. Additionally using ioemu-stubdom isn't really helping for
security, as it requires to run a very old and potentially buggy qemu
version in a PV domain. This is adding probably more security problems
than it is removing by using a stubdom.

Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Acked-by: Ian Jackson <iwj@xenproject.org>
---
This is a resend of my original patch after that has been reverted due
to dependencies to ipxe and rombios. Those have been dealt with in the
first patch of this series.
---
 CHANGELOG.md         |  3 +++
 stubdom/configure    |  8 --------
 stubdom/configure.ac |  8 +-------
 tools/configure      | 17 ++---------------
 tools/configure.ac   | 13 +------------
 5 files changed, 7 insertions(+), 42 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e7107ac3de..e5ab49e779 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,9 @@ The format is based on [Keep a Changelog](https://keepach=
angelog.com/en/1.0.0/)
    or by passing "iommu=3Dquarantine=3Dscratch-page" on the hypervisor com=
mand line.
  - pv-grub stubdoms will no longer be built per default. In order to be ab=
le to use pv-grub
    configure needs to be called with "--enable-pv-grub" as parameter.
+ - qemu-traditional based device models (both, qemu-traditional and ioemu-=
stubdom) will
+   no longer be built per default. In order to be able to use those, confi=
gure needs to
+   be called with "--enable-qemu-traditional" as parameter.
=20
 ## [4.15.0 UNRELEASED](https://xenbits.xen.org/gitweb/?p=3Dxen.git;a=3Dsho=
rtlog;h=3DRELEASE-4.15.0) - TBD
=20
diff --git a/stubdom/configure b/stubdom/configure
index df31532abb..07b709f998 100755
--- a/stubdom/configure
+++ b/stubdom/configure
@@ -2286,14 +2286,6 @@ fi
 # Check whether --enable-qemu-traditional was given.
 if test "${enable_qemu_traditional+set}" =3D set; then :
   enableval=3D$enable_qemu_traditional;
-else
-
-    case "$host_cpu" in
-        i[3456]86|x86_64)
-           enable_qemu_traditional=3D"yes";;
-        *) enable_qemu_traditional=3D"no";;
-    esac
-
 fi
=20
 if test "x$enable_qemu_traditional" =3D "xyes"; then :
diff --git a/stubdom/configure.ac b/stubdom/configure.ac
index a07a1edae5..e20d99edac 100644
--- a/stubdom/configure.ac
+++ b/stubdom/configure.ac
@@ -27,13 +27,7 @@ AX_STUBDOM_DEFAULT_ENABLE([xenstorepvh-stubdom], [xensto=
repvh])
 AX_STUBDOM_CONDITIONAL([vtpm-stubdom], [vtpm])
 AX_STUBDOM_CONDITIONAL([vtpmmgr-stubdom], [vtpmmgr])
=20
-AC_ARG_ENABLE([qemu-traditional],,,[
-    case "$host_cpu" in
-        i[[3456]]86|x86_64)
-           enable_qemu_traditional=3D"yes";;
-        *) enable_qemu_traditional=3D"no";;
-    esac
-])
+AC_ARG_ENABLE([qemu-traditional])
 AS_IF([test "x$enable_qemu_traditional" =3D "xyes"], [
     qemu_traditional=3Dy],[
     qemu_traditional=3Dn
diff --git a/tools/configure b/tools/configure
index 7b62b3cdd8..eb4ab9d723 100755
--- a/tools/configure
+++ b/tools/configure
@@ -1502,8 +1502,8 @@ Optional Features:
   --disable-seabios       Disable SeaBIOS (default is ENABLED)
   --disable-golang        Disable Go tools (default is ENABLED)
   --enable-qemu-traditional
-                          Enable qemu traditional device model, (DEFAULT i=
s on
-                          for Linux or NetBSD x86, otherwise off)
+                          Enable qemu traditional device model, (DEFAULT is
+                          off)
   --enable-ipxe           Enable in-tree IPXE, (DEFAULT is on for x86,
                           otherwise off, see also --with-system-ipxe)
   --enable-rombios        Enable ROMBIOS, (DEFAULT is on if qemu-tradition=
al
@@ -4287,19 +4287,6 @@ LINUX_BACKEND_MODULES=3D"`eval echo $LINUX_BACKEND_M=
ODULES`"
 # Check whether --enable-qemu-traditional was given.
 if test "${enable_qemu_traditional+set}" =3D set; then :
   enableval=3D$enable_qemu_traditional;
-else
-
-    case "$host_cpu" in
-        i[3456]86|x86_64)
-           enable_qemu_traditional=3D"yes";;
-        *) enable_qemu_traditional=3D"no";;
-    esac
-    case "$host_os" in
-        freebsd*)
-           enable_qemu_traditional=3D"no";;
-    esac
-
-
 fi
=20
 if test "x$enable_qemu_traditional" =3D "xyes"; then :
diff --git a/tools/configure.ac b/tools/configure.ac
index 4be3138cb3..02f310ce6c 100644
--- a/tools/configure.ac
+++ b/tools/configure.ac
@@ -120,18 +120,7 @@ AC_SUBST(LINUX_BACKEND_MODULES)
=20
 AC_ARG_ENABLE([qemu-traditional],
     AS_HELP_STRING([--enable-qemu-traditional],
-                   [Enable qemu traditional device model, (DEFAULT is on f=
or Linux or NetBSD x86, otherwise off)]),,[
-    case "$host_cpu" in
-        i[[3456]]86|x86_64)
-           enable_qemu_traditional=3D"yes";;
-        *) enable_qemu_traditional=3D"no";;
-    esac
-    case "$host_os" in
-        freebsd*)
-           enable_qemu_traditional=3D"no";;
-    esac
-
-])
+                   [Enable qemu traditional device model, (DEFAULT is off)=
]))
 AS_IF([test "x$enable_qemu_traditional" =3D "xyes"], [
 AC_DEFINE([HAVE_QEMU_TRADITIONAL], [1], [Qemu traditional enabled])
     qemu_traditional=3Dy],[
--=20
2.26.2