qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 0/9] encryption code changes


From: Anthony Liguori
Subject: Re: [Qemu-devel] [PATCH 0/9] encryption code changes
Date: Sat, 14 Feb 2009 16:23:38 -0600
User-agent: Thunderbird 2.0.0.19 (X11/20090105)

Eduardo Habkost wrote:
Hi,

This patch series for qemu contain multiple changes on the way encryption
and authentication code is handled.

The first patch is a behaviour change to avoid silent security holes on
the VNC server caused by user configuration errors.

Patches 2 and 3 are bugfixes to some of the multiple problems
I had with monitor_readline(), when testing the qcow encryption
support. monitor_readline() is still not completely functional, but
at least it allows the qcow password to be read when an qcow encrypted
image is specified on the command-line, now.

Can you split these out?  Jan's monitor series may fix some of these too.

The remaining patches may be more controversial. The first half makes the
use of aes.c and d3des.c optional at compile time. The rest remove aes.c
and d3des.c from the source tree and replace them with calls to libgcrypt.

I'm having a hard time justifying this. We're adding an external dependency but not gaining any features and potentially making existing features unavailable on platforms that lack said dependency. It's going to create confusion and surprise.

I understand using gcrypt allows us to rely on a third party for security/bug fixes but I'm having a hard time seeing the value of that justify the pain this is going to cause a certain class of users. I'm open to persuasion but that's how I'm currently leaning.

Regards,

Anthony Liguori






reply via email to

[Prev in Thread] Current Thread [Next in Thread]