From 8294fbe787c1654cab43edcc8e6a11ef0ed16c93 Mon Sep 17 00:00:00 2001 From: Stefano Stabellini Date: Mon, 29 Feb 2016 16:00:48 +0100 Subject: [PATCH] docs: spell out limits of security support for qemu-xen Write down what emulated hardware is supported in qemu-xen. Add a way for users to ask for a change in the list. Signed-off-by: Stefano Stabellini Acked-by: Ian Jackson --- docs/misc/qemu-xen-security | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 docs/misc/qemu-xen-security diff --git a/docs/misc/qemu-xen-security b/docs/misc/qemu-xen-security new file mode 100644 index 0000000000..4ab0b4dd26 --- /dev/null +++ b/docs/misc/qemu-xen-security @@ -0,0 +1,20 @@ +qemu-xen (git://xenbits.xen.org/qemu-xen.git) is only supported for +security fixes when used together with the Xen hypervisor and only with +a subset of all the possible QEMU emulators. Specifically: + +- network: e1000, rtl8139, virtio-net +- storage: piix3 ide, ahci, xen_disk +- graphics: cirris-vga, stdvga and xenfb +- audio: sb16, es1370, ac97 +- input: Xen PV keyboard and mouse (part of xenfb), USB and PS/2 + keyboard and mouse +- serial cards: UART 16550A + +Core components, such as the PCI host bridge and the PIIX3 chipset, are +supported. All devices of one the above classes, which are not explicitly +mentioned, are not supported. For example the ne2000 network card is not +supported. + +If you think that a specific emulated device should be supported, please +contact the QEMU UPSTREAM maintainer and the Xen Security Team +(security@xenproject.org). -- 2.39.5