lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20100319085346.GG12576@elte.hu>
Date:	Fri, 19 Mar 2010 09:53:46 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	Avi Kivity <avi@...hat.com>
Cc:	Pekka Enberg <penberg@...helsinki.fi>,
	Anthony Liguori <anthony@...emonkey.ws>,
	"Zhang, Yanmin" <yanmin_zhang@...ux.intel.com>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Sheng Yang <sheng@...ux.intel.com>,
	linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
	Marcelo Tosatti <mtosatti@...hat.com>,
	oerg Roedel <joro@...tes.org>,
	Jes Sorensen <Jes.Sorensen@...hat.com>,
	Gleb Natapov <gleb@...hat.com>,
	Zachary Amsden <zamsden@...hat.com>, ziteng.huang@...el.com,
	Arnaldo Carvalho de Melo <acme@...hat.com>,
	Fr?d?ric Weisbecker <fweisbec@...il.com>
Subject: Re: [RFC] Unify KVM kernel-space and user-space code into a single
 project


* Avi Kivity <avi@...hat.com> wrote:

> > There were two negative reactions immediately, both showed a fundamental 
> > server versus desktop bias:
> >
> >  - you did not accept that the most important usecase is when there is a
> >    single guest running.
> 
> Well, it isn't.

Erm, my usability points are _doubly_ true when there are multiple guests ...

The inconvenience of having to type:

  perf kvm --host --guest --guestkallsyms=/home/ymzhang/guest/kallsyms \
  --guestmodules=/home/ymzhang/guest/modules top

is very obvious even with a single guest. Now multiply that by more guests ...

The crux is: we are working on improving KVM instrumentation. There are 
working patches posted to this thread and we would like to have/implement an 
automatism to allow the discovery of all this information. The information 
should be available to the developer who wants it, and easily/transparently so 
- in true Linux fashion.

> >  - the reaction to the 'how do we get symbols out of the guest' sub-question
> >    was, paraphrased: 'we dont want that due to<unspecified>  security threat
> >    to XYZ selinux usecase with lots of guests'.
> 
> When I review a patch, I try to think of the difficult cases, not
> just the easy case.

You havent articulated an actionable reason and you have suggested no solution 
either, you just passive-agressive backed the claim that giving developers 
access to the symbol space is some sort of vague 'security threat'.

If that is not so i'd be glad to be proven wrong.

> > Anyone being aware of how Linux and KVM is being used on the desktop will 
> > know how detached that attitude is from the typical desktop usecase ...
> >
> > Usability _never_ sucks because of lack of patches or lack of suggestions. 
> > I bet if you made the next server feature contingent on essential 
> > usability fixes they'd happen overnight - for God's sake there's been 1000 
> > commits in the last 3 months in the Qemu repository so there's plenty of 
> > manpower...
> 
> First of all I am not a qemu maintainer. [...]

That is the crux of the matter. My experience in these threads was that no-one 
really seems to feel in charge of the whole thing. Should we really wonder why 
KVM usability sucks?

> [...] Second, from my point of view all contributors are volunteers (perhaps 
> their employer volunteered them, but there's no difference from my 
> perspective). Asking them to repaint my apartment as a condition to get a 
> patch applied is abuse.  If a patch is good, it gets applied.

This is one of the weirdest arguments i've seen in this thread. Almost all the 
time do we make contributions conditional on the general shape of the project. 
Developers dont get to do just the fun stuff.

This is a basic quid pro quo: new features introduce risks and create 
additional workload not just to the originating developer but on the rest of 
the community as well. You should check how Linus has pulled new features in 
the past 15 years: he very much requires the existing code to first be 
top-notch before he accepts new features for a given area of functionality.

Doing that and insisting on developers to see those imbalances as well is 
absolutely essential to code quality: otherwise everyone would be running 
around implementing just the features they are interested in, without regard 
for the general health of the project.

Of course, if you keep the project in two halves (KVM and Qemu), and pretend 
that they are separate and have little relation, imbalances of quality can 
mount up and you can throw your hands up and say that it's "too bad, I'm not 
maintaining that". It is your basic duty as a Linux maintainer to keep 
balances of quality. I do it all day, other maintainers do it all day.

> > Usability suckage - and i'm not going to be popular for saying this out 
> > loud - almost always shows a basic maintainer disconnect with the real 
> > world. See your very first reactions to my 'KVM usability' observations. 
> > Read back your and Anthony's replies: total 'sure, patches welcome' kind 
> > of indifference. It is _your project_, not some other project down the 
> > road ...
> 
> I could drop everything and write a gtk GUI for qemu.  Is that what you 
> want?

No, my suggestion to you (it's up to you whether you give my opinion any 
weight) is to accept your mistakes and improve, and to not stand in the way of 
people who'd like to improve the situation. You are happy with the server 
features and you also made it clear that you dont feel responsible for the 
rest of the package - which is a big mistake IMO.

Also, you have demonstrated it in this thread that you have near zero 
technical clue about basic desktop and development usability matters - for 
example your stance on symbol space access and your stance on how to enumerate 
guests symbolically are outright bizarre.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ