| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4BA67B2F.4030101@redhat.com> Date: Sun, 21 Mar 2010 22:01:51 +0200 From: Avi Kivity <avi@...hat.com> To: Ingo Molnar <mingo@...e.hu> CC: Anthony Liguori <anthony@...emonkey.ws>, Pekka Enberg <penberg@...helsinki.fi>, "Zhang, Yanmin" <yanmin_zhang@...ux.intel.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Sheng Yang <sheng@...ux.intel.com>, linux-kernel@...r.kernel.org, kvm@...r.kernel.org, Marcelo Tosatti <mtosatti@...hat.com>, oerg Roedel <joro@...tes.org>, Jes Sorensen <Jes.Sorensen@...hat.com>, Gleb Natapov <gleb@...hat.com>, Zachary Amsden <zamsden@...hat.com>, ziteng.huang@...el.com, Arnaldo Carvalho de Melo <acme@...hat.com>, Fr?d?ric Weisbecker <fweisbec@...il.com> Subject: Re: [RFC] Unify KVM kernel-space and user-space code into a single project On 03/21/2010 09:17 PM, Ingo Molnar wrote: > > Adding any new daemon to an existing guest is a deployment and usability > nightmare. > The logical conclusion of that is that everything should be built into the kernel. Where a failure brings the system down or worse. Where you have to bear the memory footprint whether you ever use the functionality or not. Where to update the functionality you need to deploy a new kernel (possibly introducing unrelated bugs) and reboot. If userspace daemons are such a deployment and usability nightmare, maybe we should fix that instead. > The basic rule of good instrumentation is to be transparent. The moment we > have to modify the user-space of a guest just to monitor it, the purpose of > transparent instrumentation is defeated. > You have to modify the guest anyway by deploying a new kernel. > Please try think with the heads of our users and developers and dont suggest > some weird ivory-tower design that is totally impractical ... > inetd.d style 'drop a listener config here and it will be executed on connection' should work. The listener could come with the kernel package, though I don't think it's a good idea. module-init-tools doesn't and people have survived somehow. > And no, you have to code none of this, we'll do all the coding. The only thing > we are asking is for you to not stand in the way of good usability ... > Thanks. -- Do not meddle in the internals of kernels, for they are subtle and quick to panic. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists