On 26/10/2018 11:59, Daniel P. Berrangé wrote: > I should also say that QEMU as an upstream project has multiple goals. > Running KVM guests with modern PV hardware is only one of them, albeit > a widely used one. Being able to run old legacy OS with old hardware, > and running arbitrary embedded boards/devices with emulation are both > use cases that QEMU project aims to address. To eliminate all the old > "crufty" device emulation in name of improving security for KVM, would > be to eliminate core use cases of the project. THis is why we're trying > to persue the direction of making it easier for vendors to disable > features and devices they don't wish to support & thus limit their > downstream CVE exposure. Indeed. If we had to deprecate a feature just because it had an off-by-one bug, no C program would grow beyond 1000 lines of code... Paolo -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
