On Thu, Dec 29, 2011 at 04:55:11PM +0200, Avi Kivity wrote:
> On 12/29/2011 04:49 PM, Isaku Yamahata wrote:
> > > > Great, then we agreed with list/reattach basically.
> > > > (Maybe identity scheme needs reconsideration.)
> > > 
> > > I guess we miscommunicated.  Why is reattach needed?  If you have the
> > > fd, nothing else is needed.
> >
> > What if a malicious process closes the fd and does a page fault intentionally?
> > The unkillable process issue remains.
> > I think we are talking about not only the qemu case but also the general case.
> 
> It's not unkillable.  If you sleep with TASK_INTERRUPTIBLE then you can
> process signals.  This includes SIGKILL.

Hmm, you said that the fault handler doesn't resolve the page fault.

> > Don't resolve the page fault.  It's up to the user/system to make sure
> > it happens.  qemu can easily do it by watching for the daemon's death
> > and respawning it.

To kill the process, the fault handler must return resolving the fault.
It must return something. What do you expect? VM_FAULT_SIGBUS? zero page?
-- 
yamahata
