Anthony, On 8/1/07, Anthony Liguori <[EMAIL PROTECTED]> wrote:
> > feature request: a virtual character device (sort of a virtual serial > > line) that the guest OS might use to communicate with the QEMU > > monitor. That might solve many problems. > > > > Can you provide the use-case you're looking to address with this? As > Dan mentioned, this would be pretty hairy from a security perspective > since the guest could do things it's not supposed to be able to do but > if you've got something specific in mind, there might be another way to > achieve the same results without compromising security. I am working on the project named "kvmadm" which is aimed to giving users private VMs instead of shell accounts on the host. This first of all means that VMs run under privileges of users who started them (there is a suid wrapper that does the root work). Secondly, users are limited in kvm options they are able to supply (mainly to name disk image files and kernel file to boot from - by the means of the same wrapper). Thirdly, power of users to harm the system is same as if they had regular shell accounts on the host that runs their VMs. Possible use case for the feature I am proposing: When guest OS completes shutdown, there should be a clear signal to kvm to exit. One possibility is power-off via ACPI which works, but there may be problems with acpi (some sources recommend to turn it off; personally I personally encountered instability and hangups when booting a guest with rtc and acpi enabled together, so I can boot either with -no-acpi or with -no-rtc, works fine). Another possibility would be sending a monitor command via proposed channel to exit kvm. It may not always be possible to enter such command manually: earlier in this thread I described the situation when the guest OS runs a X window manager, and it is killed during shutdown, the console window may become unaccessible for keyboard input. In the kvmadm wiki, I described the way to switch between host's and guest's window managers, but kvm process must exit in order for this to work as it is not possible to know from outside if the guest OS shut down. Thanks. -- Dimitry Golubovsky Anywhere on the Web ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ kvm-devel mailing list kvm-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/kvm-devel
