diff options
| author | Juergen Gross <jgross@suse.com> | 2021-11-04 17:11:21 +0100 |
|---|---|---|
| committer | Andrew Cooper <andrew.cooper3@citrix.com> | 2021-11-04 18:43:20 +0000 |
| commit | faddd16e367530fe4de5480610f69d8ceb6011d8 (patch) | |
| tree | fb3d35edf6ca28ad6613123e00efbd31aa800604 | |
| parent | bcf77ce510047b9d311d9276646cc449c526e3a5 (diff) | |
tools: disable building qemu-trad per default
Using qemu-traditional as device model is deprecated for some time now.
So change the default for building it to "disable". This will affect
ioemu-stubdom, too, as there is a direct dependency between the two.
Today it is possible to use a PVH/HVM Linux-based stubdom as device
model. Additionally using ioemu-stubdom isn't really helping for
security, as it requires to run a very old and potentially buggy qemu
version in a PV domain. This is adding probably more security problems
than it is removing by using a stubdom.
Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Acked-by: Ian Jackson <iwj@xenproject.org>
Release-acked-by: Ian Jackson <iwj@xenproject.org>
| -rw-r--r-- | CHANGELOG.md | 3 | ||||
| -rwxr-xr-x | stubdom/configure | 8 | ||||
| -rw-r--r-- | stubdom/configure.ac | 8 | ||||
| -rwxr-xr-x | tools/configure | 17 | ||||
| -rw-r--r-- | tools/configure.ac | 13 |
5 files changed, 7 insertions, 42 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index e7107ac3de..e5ab49e779 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) or by passing "iommu=quarantine=scratch-page" on the hypervisor command line. - pv-grub stubdoms will no longer be built per default. In order to be able to use pv-grub configure needs to be called with "--enable-pv-grub" as parameter. + - qemu-traditional based device models (both, qemu-traditional and ioemu-stubdom) will + no longer be built per default. In order to be able to use those, configure needs to + be called with "--enable-qemu-traditional" as parameter. ## [4.15.0 UNRELEASED](https://xenbits.xen.org/gitweb/?p=xen.git;a=shortlog;h=RELEASE-4.15.0) - TBD diff --git a/stubdom/configure b/stubdom/configure index df31532abb..07b709f998 100755 --- a/stubdom/configure +++ b/stubdom/configure @@ -2286,14 +2286,6 @@ fi # Check whether --enable-qemu-traditional was given. if test "${enable_qemu_traditional+set}" = set; then : enableval=$enable_qemu_traditional; -else - - case "$host_cpu" in - i[3456]86|x86_64) - enable_qemu_traditional="yes";; - *) enable_qemu_traditional="no";; - esac - fi if test "x$enable_qemu_traditional" = "xyes"; then : diff --git a/stubdom/configure.ac b/stubdom/configure.ac index a07a1edae5..e20d99edac 100644 --- a/stubdom/configure.ac +++ b/stubdom/configure.ac @@ -27,13 +27,7 @@ AX_STUBDOM_DEFAULT_ENABLE([xenstorepvh-stubdom], [xenstorepvh]) AX_STUBDOM_CONDITIONAL([vtpm-stubdom], [vtpm]) AX_STUBDOM_CONDITIONAL([vtpmmgr-stubdom], [vtpmmgr]) -AC_ARG_ENABLE([qemu-traditional],,,[ - case "$host_cpu" in - i[[3456]]86|x86_64) - enable_qemu_traditional="yes";; - *) enable_qemu_traditional="no";; - esac -]) +AC_ARG_ENABLE([qemu-traditional]) AS_IF([test "x$enable_qemu_traditional" = "xyes"], [ qemu_traditional=y],[ qemu_traditional=n diff --git a/tools/configure b/tools/configure index d980b3ffc9..a3d33eb907 100755 --- a/tools/configure +++ b/tools/configure @@ -1502,8 +1502,8 @@ Optional Features: --disable-seabios Disable SeaBIOS (default is ENABLED) --disable-golang Disable Go tools (default is ENABLED) --enable-qemu-traditional - Enable qemu traditional device model, (DEFAULT is on - for Linux or NetBSD x86, otherwise off) + Enable qemu traditional device model, (DEFAULT is + off) --enable-ipxe Enable in-tree IPXE, (DEFAULT is on for x86, otherwise off, see also --with-system-ipxe) --enable-rombios Enable ROMBIOS, (DEFAULT is on if qemu-traditional @@ -4286,19 +4286,6 @@ LINUX_BACKEND_MODULES="`eval echo $LINUX_BACKEND_MODULES`" # Check whether --enable-qemu-traditional was given. if test "${enable_qemu_traditional+set}" = set; then : enableval=$enable_qemu_traditional; -else - - case "$host_cpu" in - i[3456]86|x86_64) - enable_qemu_traditional="yes";; - *) enable_qemu_traditional="no";; - esac - case "$host_os" in - freebsd*) - enable_qemu_traditional="no";; - esac - - fi if test "x$enable_qemu_traditional" = "xyes"; then : diff --git a/tools/configure.ac b/tools/configure.ac index 97582951c8..03eb7cf146 100644 --- a/tools/configure.ac +++ b/tools/configure.ac @@ -120,18 +120,7 @@ AC_SUBST(LINUX_BACKEND_MODULES) AC_ARG_ENABLE([qemu-traditional], AS_HELP_STRING([--enable-qemu-traditional], - [Enable qemu traditional device model, (DEFAULT is on for Linux or NetBSD x86, otherwise off)]),,[ - case "$host_cpu" in - i[[3456]]86|x86_64) - enable_qemu_traditional="yes";; - *) enable_qemu_traditional="no";; - esac - case "$host_os" in - freebsd*) - enable_qemu_traditional="no";; - esac - -]) + [Enable qemu traditional device model, (DEFAULT is off)])) AS_IF([test "x$enable_qemu_traditional" = "xyes"], [ AC_DEFINE([HAVE_QEMU_TRADITIONAL], [1], [Qemu traditional enabled]) qemu_traditional=y],[ |