From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.groups.io with SMTP id smtpd.web12.14053.1603806088466947588 for ; Tue, 27 Oct 2020 06:41:28 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=AWc7fs0A; spf=pass (domain: redhat.com, ip: 63.128.21.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1603806087; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=9qphCVIXxEIOOg2K/1bZS4IsR3VVDlj0wtvvpbLDztc=; b=AWc7fs0A1zPYGuEIfgbCGItOvfZjhdNDQAe+BTEJU1IrBwaGsakeZriPuyDQs7QsC9AXzv gN8YGSnPS5RLq4kbYlEC43aVl7rWasBzs+QxWaMUfZUMyjxXyDg40tPrSFX6WqvBj+dOtX nDvoAgBoAjDDya3v+Wcx4VPRS7Y8144= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-426-yn1S0jsON-evjNzz1J1DJQ-1; Tue, 27 Oct 2020 09:41:23 -0400 X-MC-Unique: yn1S0jsON-evjNzz1J1DJQ-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2A8E7107AFD4; Tue, 27 Oct 2020 13:41:22 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-114-132.ams2.redhat.com [10.36.114.132]) by smtp.corp.redhat.com (Postfix) with ESMTP id 59DD35B4B2; Tue, 27 Oct 2020 13:41:21 +0000 (UTC) Subject: Re: [edk2-devel] OVMF/QEMU shell based unit tests and writing to a virtual disk From: "Laszlo Ersek" To: devel@edk2.groups.io, spbrogan@outlook.com, discuss@edk2.groups.io References: Message-ID: Date: Tue, 27 Oct 2020 14:41:20 +0100 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 10/27/20 14:26, Laszlo Ersek wrote: > Now, another option (on Linux anyway) is to loop-mount a "raw" virtual > disk image. This is not recommended, as it directly exposes the host > kernel's filesystem driver(s) to metadata produced by the guest. It > could trigger security issues in the host kernel. > > (This is exactly what guestfish avoids, by running a separate Linux > guest -- called the "libguestfs appliance" -- on top of the virtual disk > image. The guestfish command interpreter on the host side exchanges > commands and data with the appliance over virtio-serial. If the metadata > on the disk image is malicious, it will break / exploit the *guest* > kernel in the appliance. The host-side component, the guestfish command > interpreter, only has to sanity-check the virtio-serial exchanges.) If you trust your guest 100%, you *might* try the following: - use a disk image file with "format=vhdx" on the QEMU command line, - when QEMU is not running, I think you might be able to "loop-mount" the VHDX file directly, on Windows. Mutual exclusion remains just as important, of course. ... A reference about vhdx support: . ... A reference about the pitfalls with vvfat: . Thanks, Laszlo