| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Mar 2010 17:06:17 -0500 From: Anthony Liguori <anthony@...emonkey.ws> To: Avi Kivity <avi@...hat.com> CC: Ingo Molnar <mingo@...e.hu>, Pekka Enberg <penberg@...helsinki.fi>, "Zhang, Yanmin" <yanmin_zhang@...ux.intel.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Sheng Yang <sheng@...ux.intel.com>, linux-kernel@...r.kernel.org, kvm@...r.kernel.org, Marcelo Tosatti <mtosatti@...hat.com>, oerg Roedel <joro@...tes.org>, Jes Sorensen <Jes.Sorensen@...hat.com>, Gleb Natapov <gleb@...hat.com>, Zachary Amsden <zamsden@...hat.com>, ziteng.huang@...el.com, Arnaldo Carvalho de Melo <acme@...hat.com>, Fr?d?ric Weisbecker <fweisbec@...il.com>, Gregory Haskins <ghaskins@...ell.com> Subject: Re: [RFC] Unify KVM kernel-space and user-space code into a single project On 03/22/2010 02:47 PM, Avi Kivity wrote: > On 03/22/2010 09:27 PM, Ingo Molnar wrote: >> >>> If your position basically boils down to, we can't trust userspace >>> and we can always trust the kernel, I want to eliminate any >>> userspace path, then I can't really help you out. >> Why would you want to 'help me out'? I can tell a good solution from >> a bad one >> just fine. > > You are basically making a kernel implementation a requirement, > instead of something that follows from the requirement. > >> You should instead read the long list of disadvantages above, invert >> them and >> list then as advantages for the kernel-based vcpu enumeration >> solution, apply >> common sense and go admit to yourself that indeed in this situation a >> kernel >> provided enumeration of vcpu contexts is the most robust solution. > > Having qemu enumerate guests one way or another is not a good idea IMO > since it is focused on one guest and doesn't have a system-wide entity. There always needs to be a system wide entity. There are two ways to enumerate instances from that system wide entity. You can centralize the creation of instances and there by maintain an list of current instances. You can also allow instances to be created in a decentralized manner and provide a standard mechanism for instances to register themselves with the system wide entity. IOW, it's the difference between asking libvirtd to exec(qemu) vs allowing a user to exec(qemu) and having qemu connect to a well known unix domain socket for libvirt to tell libvirtd that it exists. The later approach has a number of advantages. libvirt already supports both models. The former is the '/system' uri and the later is the '/session' uri. What I'm proposing, is to use the host file system as the system wide entity instead of libvirtd. libvirtd can monitor the host file system to participate in these activities but ultimately, moving this functionality out of libvirtd means that it becomes the standard mechanism for all qemu instances regardless of how they're launched. Regards, Anthony Liguori > A userspace system-wide entity will work just as well as kernel > implementation, without its disadvantages. > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists