docs/secure-coding-practices: Describe how to use 'null-co' block driver

Document that security reports must use 'null-co,read-zeroes=on'
because otherwise the memory is left uninitialized (which is an
on-purpose performance feature).

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Message-Id: <20210601162548.2076631-1-philmd@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

parent bed9523471
commit b317006a3f
@ -104,3 +104,12 @@ structures and only process the local copy. This prevents
|
||||
time-of-check-to-time-of-use (TOCTOU) race conditions that could cause QEMU to
|
||||
crash when a vCPU thread modifies guest RAM while device emulation is
|
||||
processing it.
|
||||
|
||||
Use of null-co block drivers
|
||||
----------------------------
|
||||
|
||||
The ``null-co`` block driver is designed for performance: its read accesses are
|
||||
not initialized by default. In case this driver has to be used for security
|
||||
research, it must be used with the ``read-zeroes=on`` option which fills read
|
||||
buffers with zeroes. Security issues reported with the default
|
||||
(``read-zeroes=off``) will be discarded.
|
||||
|
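Review bot: In the first sentence of the new section, "its read accesses are not initialized by default" is imprecise: it is the read buffers that are left uninitialized, as the following sentence and the commit message both say. Suggest "its read buffers are not initialized by default". The section also says reports with read-zeroes=off "will be discarded" without giving the reason; the commit message has it (leaving the memory uninitialized is an on-purpose performance feature), and one sentence to that effect in the document would tell reporters why such findings are not treated as bugs. Showing the literal option string from the commit message, 'null-co,read-zeroes=on', would also make the requirement easier to copy correctly.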