Home Explore Help
Register Sign In
FangSoftSoft
/
qemu
mirror of https://github.com/utmapp/qemu.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

docs/secure-coding-practices: Describe how to use 'null-co' block driver

Document that security reports must use 'null-co,read-zeroes=on'
because otherwise the memory is left uninitialized (which is an
on-purpose performance feature).

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210601162548.2076631-1-philmd@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Philippe Mathieu-Daudé 4 years ago
parent
bed9523471
commit
b317006a3f
1 changed files with 9 additions and 0 deletions
Unified View Show Diff Stats
  1. 9 0
      docs/devel/secure-coding-practices.rst

+ 9 - 0
docs/devel/secure-coding-practices.rst
View File 

@@ -104,3 +104,12 @@ structures and only process the local copy.  This prevents
 
 time-of-check-to-time-of-use (TOCTOU) race conditions that could cause QEMU to
 
 time-of-check-to-time-of-use (TOCTOU) race conditions that could cause QEMU to
 
 crash when a vCPU thread modifies guest RAM while device emulation is
 
 crash when a vCPU thread modifies guest RAM while device emulation is
 
 processing it.
 
 processing it.
 
+
 
+Use of null-co block drivers
 
+----------------------------
 
+
 
+The ``null-co`` block driver is designed for performance: its read accesses are
 
+not initialized by default. In case this driver has to be used for security
 
+research, it must be used with the ``read-zeroes=on`` option which fills read
 
+buffers with zeroes. Security issues reported with the default
 
+(``read-zeroes=off``) will be discarded.