Report of my virtual network lab migrated from virtualbox to bhyve
Aryeh Friedman
aryeh.friedman at gmail.com
Sat Feb 8 20:57:28 UTC 2014
On Sat, Feb 8, 2014 at 3:54 PM, Adam Vande More <amvandemore at gmail.com>wrote:
>
> On Sat, Feb 8, 2014 at 2:14 PM, Aryeh Friedman <aryeh.friedman at gmail.com>wrote:
>
>>
>> It sounds almost identical to the qcow2 security issue being discussed on
>> qemu-devel at qemu.org recently. This might be a *HUGE* win for bhyve
>> then in considering that it's default format is raw (should ahci-hdd be the
>> default?). devel/qemu (not sure about -dev) uses qcow2 as a default and
>> when playing with it on other OS's I found that it seemed to default to
>> that also. It is my understand that most of the open source cloud
>> platforms use qcow2 as their default also (I remember this from an attempt
>> to install openstack grizzly last summer... I have not checked havana
>> though... can any of the freebsd-openstack confirm this?).
>>
>
> I don't consider it a huge win because the possibility of using an
> insecure device precludes it. Someone high on the tree bhyve needs to
> confirm or deny this otherwise it is unsafe to recommend bhyve
> or petitecloud. No offense intended, I really hope it succeeds and will
> likely use it if it does. I cannot use anything which leaves the host
> open. I am also unclear on how bhyve bypasses GEOM which *should* prevent
> any of the symptoms discussed.
>
The point was that raw has no issue and this is the default for both bhyve
and petitecloud (to avoid certain list politics I didn't mention it by name
before). Sparse is the issue and thus qemu, openstack and cloudstack (as
well as likely vbox) are a problem.
--
Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
More information about the freebsd-virtualization
mailing list