Date:	Wed, 14 Mar 2012 16:07:55 +0530
From:	Amit Shah <amit.shah@...hat.com>
To:	Wen Congyang <wency@...fujitsu.com>
Cc:	Avi Kivity <avi@...hat.com>,
	"Daniel P. Berrange" <berrange@...hat.com>,
	kvm list <kvm@...r.kernel.org>,
	qemu-devel <qemu-devel@...gnu.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
	Jan Kiszka <jan.kiszka@...mens.com>,
	Gleb Natapov <gleb@...hat.com>
Subject: Re: [PATCH 0/2 v3] kvm: notify host when guest panicked

On (Wed) 14 Mar 2012 [17:53:00], Wen Congyang wrote:
> At 03/14/2012 05:24 PM, Avi Kivity Wrote:
> > On 03/14/2012 10:29 AM, Wen Congyang wrote:
> >> At 03/13/2012 06:47 PM, Avi Kivity Wrote:
> >>> On 03/13/2012 11:18 AM, Daniel P. Berrange wrote:
> >>>> On Mon, Mar 12, 2012 at 12:33:33PM +0200, Avi Kivity wrote:
> >>>>> On 03/12/2012 11:04 AM, Wen Congyang wrote:
> >>>>>> Do you have any other comments about this patch?
> >>>>>>
> >>>>>
> >>>>> Not really, but I'm not 100% convinced the patch is worthwhile.  It's
> >>>>> likely to only be used by Linux, which has kexec facilities, and you can
> >>>>> put talk to management via virtio-serial and describe the crash in more
> >>>>> details than a simple hypercall.
> >>>>
> >>>> As mentioned before, I don't think virtio-serial is a good fit for this.
> >>>> We want something that is simple & guaranteed always available. Using
> >>>> virtio-serial requires significant setup work on both the host and guest.
> >>>
> >>> So what?  It needs to be done anyway for the guest agent.
> >>>
> >>>> Many management applications won't know to make a vioserial device available
> >>>> to all guests they create. 
> >>>
> >>> Then they won't know to deal with the panic event either.
> >>>
> >>>> Most administrators won't even configure kexec,
> >>>> let alone virtio serial on top of it. 
> >>>
> >>> It should be done by the OS vendor, not the individual admin.
> >>>
> >>>> The hypercall requires zero host
> >>>> side config, and zero guest side config, which IMHO is what we need for
> >>>> this feature.
> >>>
> >>> If it was this one feature, yes.  But we keep getting more and more
> >>> features like that and we bloat the hypervisor.  There's a reason we
> >>> have a host-to-guest channel, we should use it.
> >>>
> >>
> >> I do not know how to use virtio-serial.
> > 
> > I don't either, copying Amit.
> > 
> >> I start vm like this:
> >> qemu ...\
> >>    -device virtio-serial \
> >>   -chardev socket,path=/tmp/foo,server,nowait,id=foo \
> >>   -device virtserialport,chardev=foo,name=port1 ...
> >>
> >> You said that there are too many channels. Does it mean /tmp/foo is a channel?
> > 
> > Probably.
> 
> Hmm, if we use virtio-serial, the guest kernel writes something into the channel when
> the os is panicked. Is it right?

Depends on how you want to use it.  It could be the kernel, or it
could be a userspace program which monitors syslogs for panic
information and passes on that info to the virtio-serial channel.

> If so, is this channel visible to guest userspace? If the channel is visible to guest
> userspace, the program running in userspace may write the same message to the channel.

Access control is via permissions.  You can have udev scripts assign
whatever uid and gid to the port of your interest.  By default, all
ports are only accessible to the root user.

		Amit
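
The following is an added example, not part of the original message or of any project in this thread: a guest-side audit of the port permissions described in the reply above, flagging any virtio-serial port that something other than its expected owner could write to. It assumes GNU `stat` and the `/dev/virtio-ports/<name>` symlinks that udev creates for named ports; the udev rule in the comment uses the port name `port1` from the quoted qemu command and a hypothetical `panicd` account.

```shell
#!/bin/sh
# Added example. A udev rule handing one named port to a dedicated reporter
# account could look like this ("panicd" is a hypothetical user and group):
#   SUBSYSTEM=="virtio-ports", ATTR{name}=="port1", OWNER="panicd", GROUP="panicd", MODE="0600"

# audit_ports [DIR] [UID]: list every port under DIR and flag those that a
# process other than the expected owner (default uid 0) could write to.
# Returns 1 if any port is flagged, 0 otherwise.
audit_ports() {
    dir=${1:-/dev/virtio-ports}
    want_uid=${2:-0}
    rc=0
    for port in "$dir"/*; do
        [ -e "$port" ] || continue      # no ports present, or dangling symlink
        # -L follows the udev symlink to the vportNpM device node
        uid=$(stat -L -c '%u' "$port")
        mode=$(stat -L -c '%a' "$port")
        verdict=ok
        # 022 = write bits for group and others
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            verdict="FLAG group/other writable"
        elif [ "$uid" != "$want_uid" ]; then
            verdict="FLAG owner is uid $uid, expected $want_uid"
        fi
        [ "$verdict" = ok ] || rc=1
        printf '%s uid=%s mode=%s %s\n' "${port##*/}" "$uid" "$mode" "$verdict"
    done
    return "$rc"
}
```

Run `audit_ports` inside the guest with no arguments to check the default root-only state, or pass the reporter account's numeric uid as the second argument after installing a rule like the one in the comment.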