Re: [Qemu-devel] [PATCH v3 09/26] HACK: vhost-user-backend: allow to specify binary to execute

[Daniel P . Berrangé]

On Tue, Jun 19, 2018 at 08:19:03AM +0200, Gerd Hoffmann wrote:
> On Mon, Jun 18, 2018 at 06:17:12PM +0200, Marc-André Lureau wrote:
> > An executable with its arguments may be given as 'cmd' property, ex:
> > -object vhost-user-backend,id=vui,cmd="./vhost-user-input
> > /dev/input..". The executable is then spawn and, by convention, the
> > vhost-user socket is passed as fd=3. It may be considered a security
> > breach to allow creating processes that may execute arbitrary
> > executables, so this may be restricted to some known executables (via
> > signature etc) or directory.
> 
> Hmm, maybe let the device which uses vhost-user-backend handle this?
> 
> So you use "-device vhost-user-input-pci,device=/dev/input/$dev" and
> vhost-user-input-pci translates that into ...
>  
>   argv = { "$dir/vhost-user-input", "-device", "/dev/input/$dev", NULL }
> 
> ... for vhost-user-backend ?

Or just accept the binary name, but mandate a pre-determined set of
argv, in the same way we do for  TAP device ifup scripts.

Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|