summary refs log tree commit diff stats
path: root/results/classifier/108/other/1843941
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/108/other/1843941')
-rw-r--r--results/classifier/108/other/184394130
1 files changed, 30 insertions, 0 deletions
diff --git a/results/classifier/108/other/1843941 b/results/classifier/108/other/1843941
new file mode 100644
index 000000000..b01563f6e
--- /dev/null
+++ b/results/classifier/108/other/1843941
@@ -0,0 +1,30 @@
+semantic: 0.708
+device: 0.667
+graphic: 0.607
+network: 0.594
+other: 0.461
+permissions: 0.454
+socket: 0.453
+vnc: 0.416
+PID: 0.394
+boot: 0.364
+files: 0.316
+debug: 0.316
+performance: 0.213
+KVM: 0.123
+
+RBD Namespaces are not supported
+
+Ceph Nautilus (v14.2.0) introduced the Namespaces concept for RADOS Block Devices. This provides a logical separation within a RADOS Pool for RBD images which enables granular access control. See https://docs.ceph.com/docs/nautilus/releases/nautilus/ for additional details.
+
+librados and librbd support this, however qemu does not. The rbd man page defines how rbd images within a namespace can be referenced. https://docs.ceph.com/docs/nautilus/man/8/rbd/#image-snap-group-and-journal-specs
+
+Adding support for RBD namespaces would be beneficial for security and reducing the impact of a hypervisor being compromised and putting an entire Ceph pool or cluster at risk.
+
+I just posted a patch today on the qemu-devel mailing list, you can find it there : https://lists.gnu.org/archive/html/qemu-devel/2019-12/msg04344.html
+
+Thanks for adding the support. I was actually already play-testing your patch. I'll respond to the mailing list soon.
+
+Patch had been included here:
+https://gitlab.com/qemu-project/qemu/-/commit/19ae9ae01471552
+