In 4.16 we changed to not build this by default. I think it is now
time to explicitly desupport it, completely, in favour of Linux dm
stub domains.
Signed-off-by: Ian Jackson <iwj@xenproject.org>
---
MAINTAINERS | 2 +-
SUPPORT.md | 18 +++++++++---------
2 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index e43dc0edce..933579541f 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -455,7 +455,7 @@ S: Supported
F: tools/python
QEMU-DM
-S: Supported
+S: Obsolete
T: git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git
QEMU UPSTREAM
diff --git a/SUPPORT.md b/SUPPORT.md
index 3a34933c89..b64ebee93b 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU.
### qemu-xen-traditional ###
The Xen Project provides an old version of qemu with modifications
-which enable use as a device model stub domain. The old version is
-normally selected by default only in a stub dm configuration, but it
-can be requested explicitly in other configurations, for example in
-`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`.
+which enable use as a device model stub domain. This old version is
+not built by default. Even if it is build, it is normally selected by
+default only in a stub dm configuration, but it can be requested
+explicitly in other configurations, for example in `xl` with
+`device_model_version="QEMU_XEN_TRADITIONAL"`.
- Status, Device Model Stub Domains: Supported, with caveats
- Status, as host process device model: No security support, not recommended
+When device model stub domains are desired for the additional
+security, we recommend using a device model stub domain consisting of
+a modern qemu and a Linux kernel.
-qemu-xen-traditional is security supported only for those available
-devices which are supported for mainstream QEMU (see above), with
-trusted driver domains (see Device Model Stub Domains).
+ Status: Obsolete
## Virtual Firmware
--
2.20.1
Hi Ian, On 09/12/2021 14:26, Ian Jackson wrote: > In 4.16 we changed to not build this by default. I think it is now > time to explicitly desupport it, completely, in favour of Linux dm > stub domains. > > Signed-off-by: Ian Jackson <iwj@xenproject.org> > --- > MAINTAINERS | 2 +- > SUPPORT.md | 18 +++++++++--------- > 2 files changed, 10 insertions(+), 10 deletions(-) > > diff --git a/MAINTAINERS b/MAINTAINERS > index e43dc0edce..933579541f 100644 > --- a/MAINTAINERS > +++ b/MAINTAINERS > @@ -455,7 +455,7 @@ S: Supported > F: tools/python > > QEMU-DM > -S: Supported > +S: Obsolete > T: git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git > > QEMU UPSTREAM > diff --git a/SUPPORT.md b/SUPPORT.md > index 3a34933c89..b64ebee93b 100644 > --- a/SUPPORT.md > +++ b/SUPPORT.md > @@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU. > ### qemu-xen-traditional ### > > The Xen Project provides an old version of qemu with modifications > -which enable use as a device model stub domain. The old version is > -normally selected by default only in a stub dm configuration, but it > -can be requested explicitly in other configurations, for example in > -`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`. > +which enable use as a device model stub domain. This old version is > +not built by default. Even if it is build, it is normally selected by > +default only in a stub dm configuration, but it can be requested > +explicitly in other configurations, for example in `xl` with > +`device_model_version="QEMU_XEN_TRADITIONAL"`. > > - Status, Device Model Stub Domains: Supported, with caveats > - Status, as host process device model: No security support, not recommended > +When device model stub domains are desired for the additional > +security, we recommend using a device model stub domain consisting of > +a modern qemu and a Linux kernel. Looking at SUPPORT.md, we have: ### Linux device model stubdomains Support for running qemu-xen device model in a linux stubdomain. Status: Tech Preview Is it still accurate? If yes, I am not sure we can recommend user to switch to Linux stubdomain until this is fully supported. Cheers, -- Julien Grall
On 14.12.2021 20:19, Julien Grall wrote: > On 09/12/2021 14:26, Ian Jackson wrote: >> In 4.16 we changed to not build this by default. I think it is now >> time to explicitly desupport it, completely, in favour of Linux dm >> stub domains. >> >> Signed-off-by: Ian Jackson <iwj@xenproject.org> >> --- >> MAINTAINERS | 2 +- >> SUPPORT.md | 18 +++++++++--------- >> 2 files changed, 10 insertions(+), 10 deletions(-) >> >> diff --git a/MAINTAINERS b/MAINTAINERS >> index e43dc0edce..933579541f 100644 >> --- a/MAINTAINERS >> +++ b/MAINTAINERS >> @@ -455,7 +455,7 @@ S: Supported >> F: tools/python >> >> QEMU-DM >> -S: Supported >> +S: Obsolete >> T: git https://xenbits.xenproject.org/git-http/qemu-xen-traditional.git >> >> QEMU UPSTREAM >> diff --git a/SUPPORT.md b/SUPPORT.md >> index 3a34933c89..b64ebee93b 100644 >> --- a/SUPPORT.md >> +++ b/SUPPORT.md >> @@ -802,17 +802,17 @@ See the section **Blkback** for image formats supported by QEMU. >> ### qemu-xen-traditional ### >> >> The Xen Project provides an old version of qemu with modifications >> -which enable use as a device model stub domain. The old version is >> -normally selected by default only in a stub dm configuration, but it >> -can be requested explicitly in other configurations, for example in >> -`xl` with `device_model_version="QEMU_XEN_TRADITIONAL"`. >> +which enable use as a device model stub domain. This old version is >> +not built by default. Even if it is build, it is normally selected by >> +default only in a stub dm configuration, but it can be requested >> +explicitly in other configurations, for example in `xl` with >> +`device_model_version="QEMU_XEN_TRADITIONAL"`. >> >> - Status, Device Model Stub Domains: Supported, with caveats >> - Status, as host process device model: No security support, not recommended >> +When device model stub domains are desired for the additional >> +security, we recommend using a device model stub domain consisting of >> +a modern qemu and a Linux kernel. > > Looking at SUPPORT.md, we have: > > ### Linux device model stubdomains > > Support for running qemu-xen device model in a linux stubdomain. > > Status: Tech Preview > > Is it still accurate? If yes, I am not sure we can recommend user to > switch to Linux stubdomain until this is fully supported. FWIW I agree that this needs updating at the same time or in a prereq change. I guess it'll need to be someone other than Ian now to pick up and progress this patch, though. Jan
Jan Beulich writes ("Re: [PATCH] SUPPORT.md, MAINTAINERS: De-support qemu-xen-traditional"): > FWIW I agree that this needs updating at the same time or in a prereq > change. I guess it'll need to be someone other than Ian now to pick > up and progress this patch, though. Yes, I'm afraid so. Regards, Ian. -- Ian Jackson <ijackson@chiark.greenend.org.uk> These opinions are my own. Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
© 2016 - 2024 Red Hat, Inc.