In 4.16 we changed to not build this by default. I think it is now
time to explicitly desupport it, completely, in favour of Linux dm
stub domains.
Signed-off-by: Ian Jackson <iwj@xenproject.org>
---
MAINTAINERS | 2 +-
SUPPORT.md | 18 +++++++++---------
2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index e43dc0edce..933579541f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -455,7 +455,7 @@ S: Supported
F: tools/python
QEMU-DM
-S: Supported
+S: Obsolete
T: git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git
QEMU UPSTREAM
diff --git a/SUPPORT.md b/SUPPORT.md
index 3a34933c89..b64ebee93b 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU.
### qemu-xen-traditional ###
The Xen Project provides an old version of qemu with modifications
-which enable use as a device model stub domain. The old version is
-normally selected by default only in a stub dm configuration, but it
-can be requested explicitly in other configurations, for example in
-`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`.
+which enable use as a device model stub domain. This old version is
+not built by default. Even if it is build, it is normally selected by
+default only in a stub dm configuration, but it can be requested
+explicitly in other configurations, for example in `xl` with
+`device_model_version="QEMU_XEN_TRADITIONAL"`.
- Status, Device Model Stub Domains: Supported, with caveats
- Status, as host process device model: No security support, not recommended
+When device model stub domains are desired for the additional
+security, we recommend using a device model stub domain consisting of
+a modern qemu and a Linux kernel.
-qemu-xen-traditional is security supported only for those available
-devices which are supported for mainstream QEMU (see above), with
-trusted driver domains (see Device Model Stub Domains).
+ Status: Obsolete
## Virtual Firmware
--
2.20.1
Hi Ian,
On 09/12/2021 14:26, Ian Jackson wrote:
> In 4.16 we changed to not build this by default. I think it is now
> time to explicitly desupport it, completely, in favour of Linux dm
> stub domains.
>
> Signed-off-by: Ian Jackson <iwj@xenproject.org>
> ---
> MAINTAINERS | 2 +-
> SUPPORT.md | 18 +++++++++---------
> 2 files changed, 10 insertions(+), 10 deletions(-)
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index e43dc0edce..933579541f 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -455,7 +455,7 @@ S: Supported
> F: tools/python
>
> QEMU-DM
> -S: Supported
> +S: Obsolete
> T: git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git
>
> QEMU UPSTREAM
> diff --git a/SUPPORT.md b/SUPPORT.md
> index 3a34933c89..b64ebee93b 100644
> --- a/SUPPORT.md
> +++ b/SUPPORT.md
> @@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU.
> ### qemu-xen-traditional ###
>
> The Xen Project provides an old version of qemu with modifications
> -which enable use as a device model stub domain. The old version is
> -normally selected by default only in a stub dm configuration, but it
> -can be requested explicitly in other configurations, for example in
> -`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`.
> +which enable use as a device model stub domain. This old version is
> +not built by default. Even if it is build, it is normally selected by
> +default only in a stub dm configuration, but it can be requested
> +explicitly in other configurations, for example in `xl` with
> +`device_model_version="QEMU_XEN_TRADITIONAL"`.
>
> - Status, Device Model Stub Domains: Supported, with caveats
> - Status, as host process device model: No security support, not recommended
> +When device model stub domains are desired for the additional
> +security, we recommend using a device model stub domain consisting of
> +a modern qemu and a Linux kernel.
Looking at SUPPORT.md, we have:
### Linux device model stubdomains
Support for running qemu-xen device model in a linux stubdomain.
Status: Tech Preview
Is it still accurate? If yes, I am not sure we can recommend user to
switch to Linux stubdomain until this is fully supported.
Cheers,
--
Julien Grall
On 14.12.2021 20:19, Julien Grall wrote: > On 09/12/2021 14:26, Ian Jackson wrote: >> In 4.16 we changed to not build this by default. I think it is now >> time to explicitly desupport it, completely, in favour of Linux dm >> stub domains. >> >> Signed-off-by: Ian Jackson <iwj@xenproject.org> >> --- >> MAINTAINERS | 2 +- >> SUPPORT.md | 18 +++++++++--------- >> 2 files changed, 10 insertions(+), 10 deletions(-) >> >> diff --git a/MAINTAINERS b/MAINTAINERS >> index e43dc0edce..933579541f 100644 >> --- a/MAINTAINERS >> +++ b/MAINTAINERS >> @@ -455,7 +455,7 @@ S: Supported >> F: tools/python >> >> QEMU-DM >> -S: Supported >> +S: Obsolete >> T: git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git >> >> QEMU UPSTREAM >> diff --git a/SUPPORT.md b/SUPPORT.md >> index 3a34933c89..b64ebee93b 100644 >> --- a/SUPPORT.md >> +++ b/SUPPORT.md >> @@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU. >> ### qemu-xen-traditional ### >> >> The Xen Project provides an old version of qemu with modifications >> -which enable use as a device model stub domain. The old version is >> -normally selected by default only in a stub dm configuration, but it >> -can be requested explicitly in other configurations, for example in >> -`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`. >> +which enable use as a device model stub domain. This old version is >> +not built by default. Even if it is build, it is normally selected by >> +default only in a stub dm configuration, but it can be requested >> +explicitly in other configurations, for example in `xl` with >> +`device_model_version="QEMU_XEN_TRADITIONAL"`. >> >> - Status, Device Model Stub Domains: Supported, with caveats >> - Status, as host process device model: No security support, not recommended >> +When device model stub domains are desired for the additional >> +security, we recommend using a device model stub domain consisting of >> +a modern qemu and a Linux kernel. > > Looking at SUPPORT.md, we have: > > ### Linux device model stubdomains > > Support for running qemu-xen device model in a linux stubdomain. > > Status: Tech Preview > > Is it still accurate? If yes, I am not sure we can recommend user to > switch to Linux stubdomain until this is fully supported. FWIW I agree that this needs updating at the same time or in a prereq change. I guess it'll need to be someone other than Ian now to pick up and progress this patch, though. Jan
Jan Beulich writes ("Re: [PATCH] SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional"):
> FWIW I agree that this needs updating at the same time or in a prereq
> change. I guess it'll need to be someone other than Ian now to pick
> up and progress this patch, though.
Yes, I'm afraid so.
Regards,
Ian.
--
Ian Jackson <ijackson@chiark.greenend.org.uk> These opinions are my own.
Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.
© 2016 - 2024 Red Hat, Inc.