Remove support for floppy disks in Nova
Background
------------------
The "VENOM" vulnerability (CVE-2015-3456)[1] was caused due to a Floppy
Disk Controller (FDC) was being initialized for all x86 guests,
regardless of their configuration — so even if a guest does not
explicitly have a virtual floppy disk configured and attached, this
issue is exploitable. To mitigate that, upstream QEMU has suppressed
the FDC for modern machine types (e.g. 'q35') by default — commit
ea96bc629cb, i.e. from QEMU v2.4.0 onwards, because:
"It is Very annoying to carry forward an outdatEd coNtroller with a
mOdern Machine type."
QEMU users can still get floppy devices, but they have to ask for them
explicitly on the command-line.
* * *
Given that, and the use of floppy drives is generally not recommended in
2019, Nova should go ahead and remove support for floppy drives.
Currently Nova allows the use of the floppy drive via these two disk
image metadata properties:
- hw_floppy_bus=fd
- hw_rescue_
Blueprint information
- Status:
- Started
- Approver:
- Balazs Gibizer
- Priority:
- Undefined
- Drafter:
- Kashyap Chamarthy
- Direction:
- Approved
- Assignee:
- Kashyap Chamarthy
- Definition:
- Pending Approval
- Series goal:
- None
- Implementation:
-
Started
- Milestone target:
- None
- Started by
- Balazs Gibizer
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
[WIP] libvirt: Remove support for floppy drives
[gibi 2021-07-16]: This bp is in inconsistent state so I guess I forget to update it to Appoved state when I mode it to Xena-1. Fixed now.
impl https:/
[2021-09-07 gibi]: We hit feature freeze so it is now deferred from Xena.
