SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional

[PATCH] SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional

Posted by Ian Jackson 4 years, 2 months ago

In 4.16 we changed to not build this by default.  I think it is now
time to explicitly desupport it, completely, in favour of Linux dm
stub domains.

Signed-off-by: Ian Jackson <iwj@xenproject.org>
---
 MAINTAINERS |  2 +-
 SUPPORT.md  | 18 +++++++++---------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/MAINTAINERS b/MAINTAINERS
index e43dc0edce..933579541f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -455,7 +455,7 @@ S:	Supported
 F:	tools/python
 
 QEMU-DM
-S:	Supported
+S:	Obsolete
 T:	git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git
 
 QEMU UPSTREAM
diff --git a/SUPPORT.md b/SUPPORT.md
index 3a34933c89..b64ebee93b 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU.
 ### qemu-xen-traditional ###
 
 The Xen Project provides an old version of qemu with modifications
-which enable use as a device model stub domain.  The old version is
-normally selected by default only in a stub dm configuration, but it
-can be requested explicitly in other configurations, for example in
-`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`.
+which enable use as a device model stub domain.  This old version is
+not built by default.  Even if it is build, it is normally selected by
+default only in a stub dm configuration, but it can be requested
+explicitly in other configurations, for example in `xl` with
+`device_model_version="QEMU_XEN_TRADITIONAL"`.
 
-    Status, Device Model Stub Domains: Supported, with caveats
-    Status, as host process device model: No security support, not recommended
+When device model stub domains are desired for the additional
+security, we recommend using a device model stub domain consisting of
+a modern qemu and a Linux kernel.
 
-qemu-xen-traditional is security supported only for those available
-devices which are supported for mainstream QEMU (see above), with
-trusted driver domains (see Device Model Stub Domains).
+    Status: Obsolete
 
 ## Virtual Firmware
 
-- 
2.20.1

Re: [PATCH] SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional

Posted by Julien Grall 4 years, 1 month ago

Hi Ian,

On 09/12/2021 14:26, Ian Jackson wrote:
> In 4.16 we changed to not build this by default.  I think it is now
> time to explicitly desupport it, completely, in favour of Linux dm
> stub domains.
> 
> Signed-off-by: Ian Jackson <iwj@xenproject.org>
> ---
>   MAINTAINERS |  2 +-
>   SUPPORT.md  | 18 +++++++++---------
>   2 files changed, 10 insertions(+), 10 deletions(-)
> 
> diff --git a/MAINTAINERS b/MAINTAINERS
> index e43dc0edce..933579541f 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -455,7 +455,7 @@ S:	Supported
>   F:	tools/python
>   
>   QEMU-DM
> -S:	Supported
> +S:	Obsolete
>   T:	git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git
>   
>   QEMU UPSTREAM
> diff --git a/SUPPORT.md b/SUPPORT.md
> index 3a34933c89..b64ebee93b 100644
> --- a/SUPPORT.md
> +++ b/SUPPORT.md
> @@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU.
>   ### qemu-xen-traditional ###
>   
>   The Xen Project provides an old version of qemu with modifications
> -which enable use as a device model stub domain.  The old version is
> -normally selected by default only in a stub dm configuration, but it
> -can be requested explicitly in other configurations, for example in
> -`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`.
> +which enable use as a device model stub domain.  This old version is
> +not built by default.  Even if it is build, it is normally selected by
> +default only in a stub dm configuration, but it can be requested
> +explicitly in other configurations, for example in `xl` with
> +`device_model_version="QEMU_XEN_TRADITIONAL"`.
>   
> -    Status, Device Model Stub Domains: Supported, with caveats
> -    Status, as host process device model: No security support, not recommended
> +When device model stub domains are desired for the additional
> +security, we recommend using a device model stub domain consisting of
> +a modern qemu and a Linux kernel.

Looking at SUPPORT.md, we have:

### Linux device model stubdomains

Support for running qemu-xen device model in a linux stubdomain.

     Status: Tech Preview

Is it still accurate? If yes, I am not sure we can recommend user to 
switch to Linux stubdomain until this is fully supported.

Cheers,

-- 
Julien Grall

Re: [PATCH] SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional

Posted by Jan Beulich 4 years, 1 month ago

On 14.12.2021 20:19, Julien Grall wrote:
> On 09/12/2021 14:26, Ian Jackson wrote:
>> In 4.16 we changed to not build this by default.  I think it is now
>> time to explicitly desupport it, completely, in favour of Linux dm
>> stub domains.
>>
>> Signed-off-by: Ian Jackson <iwj@xenproject.org>
>> ---
>>   MAINTAINERS |  2 +-
>>   SUPPORT.md  | 18 +++++++++---------
>>   2 files changed, 10 insertions(+), 10 deletions(-)
>>
>> diff --git a/MAINTAINERS b/MAINTAINERS
>> index e43dc0edce..933579541f 100644
>> --- a/MAINTAINERS
>> +++ b/MAINTAINERS
>> @@ -455,7 +455,7 @@ S:	Supported
>>   F:	tools/python
>>   
>>   QEMU-DM
>> -S:	Supported
>> +S:	Obsolete
>>   T:	git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git
>>   
>>   QEMU UPSTREAM
>> diff --git a/SUPPORT.md b/SUPPORT.md
>> index 3a34933c89..b64ebee93b 100644
>> --- a/SUPPORT.md
>> +++ b/SUPPORT.md
>> @@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU.
>>   ### qemu-xen-traditional ###
>>   
>>   The Xen Project provides an old version of qemu with modifications
>> -which enable use as a device model stub domain.  The old version is
>> -normally selected by default only in a stub dm configuration, but it
>> -can be requested explicitly in other configurations, for example in
>> -`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`.
>> +which enable use as a device model stub domain.  This old version is
>> +not built by default.  Even if it is build, it is normally selected by
>> +default only in a stub dm configuration, but it can be requested
>> +explicitly in other configurations, for example in `xl` with
>> +`device_model_version="QEMU_XEN_TRADITIONAL"`.
>>   
>> -    Status, Device Model Stub Domains: Supported, with caveats
>> -    Status, as host process device model: No security support, not recommended
>> +When device model stub domains are desired for the additional
>> +security, we recommend using a device model stub domain consisting of
>> +a modern qemu and a Linux kernel.
> 
> Looking at SUPPORT.md, we have:
> 
> ### Linux device model stubdomains
> 
> Support for running qemu-xen device model in a linux stubdomain.
> 
>      Status: Tech Preview
> 
> Is it still accurate? If yes, I am not sure we can recommend user to 
> switch to Linux stubdomain until this is fully supported.

FWIW I agree that this needs updating at the same time or in a prereq
change. I guess it'll need to be someone other than Ian now to pick
up and progress this patch, though.

Jan

Re: [PATCH] SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional

Posted by Ian Jackson 4 years, 1 month ago

Jan Beulich writes ("Re: [PATCH] SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional"):
> FWIW I agree that this needs updating at the same time or in a prereq
> change. I guess it'll need to be someone other than Ian now to pick
> up and progress this patch, though.

Yes, I'm afraid so.

Regards,
Ian.

-- 
Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.  

Pronouns: they/he.  If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.