Hi,
For those who are interested, I have posted the notes from the 2011
Linux Plumbers Virtualization micro conference here:
http://wiki.linuxplumbersconf.org/2011:virtualization
Slides can be found by clicking on the presentation and going onto the
Plumbers abstracts.
Cheers,
Jes
--
libvir-li
On 07/21/11 16:02, Eric Blake wrote:
> On 07/21/2011 02:38 AM, Jes Sorensen wrote:
>> On 07/20/11 11:36, Daniel P. Berrange wrote:
>>> On Wed, Jul 20, 2011 at 10:23:12AM +0200, Jes Sorensen wrote:
>>>> Pardon, but I fail to see the issue here. If QEMU passes a file
On 07/21/11 15:47, Eric Blake wrote:
> On 07/21/2011 02:40 AM, Jes Sorensen wrote:
>>> The security goal of libvirt is to protect the host from a compromised
>>> QEMU, therefore QEMU is, by definition, untrusted.
>>
>> Well that part goes both ways. By applying th
On 07/21/11 15:07, Markus Armbruster wrote:
> Jes Sorensen writes:
>> Right, we're stuck with the two horros of NFS and selinux, so we need
>> something that gets around the problem. In a sane world we would simply
>> say 'no NFS, no selinux', but as you
On 07/21/11 11:34, Daniel P. Berrange wrote:
>>> > > QEMU is *not* yet running at the time libvirt reads the file metadata.
>> >
>> > Of course it is: hotplug
> In the case of hotplug, the hotplug monitor commands have not yet been
> invoked when libvirt access the file metadata, or the drive has
On 07/21/11 10:18, Kevin Wolf wrote:
> Am 20.07.2011 19:47, schrieb Eric Blake:
>> > We really _do_ need a way to give qemu both an fd and the name of the
>> > file that the fd is tied to. On Linux, qemu could use /proc/self/fd to
>> > reconstruct the name from fd, but that's not portable to oth
On 07/21/11 10:36, Kevin Wolf wrote:
> Am 21.07.2011 10:07, schrieb Jes Sorensen:
>> Rather than trying to do this by mangling files on the disk, I would
>> suggest we allow registering a call-back open function, which calls back
>> into libvirt and requests it to open a given
On 07/20/11 12:28, Daniel P. Berrange wrote:
> On Wed, Jul 20, 2011 at 12:15:02PM +0200, Nicolas Sebrecht wrote:
>> Actually, libvirt should not have to worry if the filename provided by
>> QEMU is valid. I think it should trust QEMU. If QEMU doesn't provide
>> information others can trust; it shou
On 07/20/11 11:36, Daniel P. Berrange wrote:
> On Wed, Jul 20, 2011 at 10:23:12AM +0200, Jes Sorensen wrote:
>> Pardon, but I fail to see the issue here. If QEMU passes a filename back
>> to libvirt, libvirt still gets to make the decision whether or not it is
>> legitimate
On 07/20/11 11:38, Daniel P. Berrange wrote:
> On Wed, Jul 20, 2011 at 10:26:49AM +0200, Jes Sorensen wrote:
>> On 07/19/11 18:47, Daniel P. Berrange wrote:
>>> On Tue, Jul 19, 2011 at 04:30:19PM +0200, Jes Sorensen wrote:
>>>> On 07/19/11 16:24, Eric Blake wrote:
>
On 07/20/11 21:51, Blue Swirl wrote:
>> And the snapshot_blkdev monitor command is a case where qemu needs to create
>> > a new qcow2 image on the fly, while referencing the name of an existing
>> > file. What backing name do you put in the new qcow2 file unless you
>> > already
>> > have a name
On 07/20/11 19:47, Eric Blake wrote:
> On 07/20/2011 11:27 AM, Blue Swirl wrote:
>> I'd avoid any name based access in this case. If QEMU has write access
>> to main file, it could forge the backing file name in main file to
>> point to for example /etc/shadow and then request libvirt to perform
>>
On 07/20/11 15:46, Eric Blake wrote:
> On 07/20/2011 07:25 AM, Jes Sorensen wrote:
>>> I think if libvirt wants qemu to use an fd instead of a file name, it
>>> shouldn't pass a file name but an fd in the first place. Which means
>>> that the two that we n
On 07/20/11 12:01, Kevin Wolf wrote:
>> > Right, we're stuck with the two horros of NFS and selinux, so we need
>> > something that gets around the problem. In a sane world we would simply
>> > say 'no NFS, no selinux', but as you say that will never happen.
>> >
>> > My suggestion of a callback m
On 07/19/11 18:47, Daniel P. Berrange wrote:
> On Tue, Jul 19, 2011 at 04:30:19PM +0200, Jes Sorensen wrote:
>> On 07/19/11 16:24, Eric Blake wrote:
>>> Besides, I feel that having a well-documented file format, so that
>>> independent applications can both parse
On 07/19/11 18:14, Anthony Liguori wrote:
>>> As nice as that sentiment is, it will never fly, because it would be a
>>> regression in current behavior. The whole reason that the virt_use_nfs
>>> SELinux bool exists is that some people are willing to make the partial
>>> security tradeoff. Beside
On 07/19/11 18:46, Daniel P. Berrange wrote:
> On Tue, Jul 19, 2011 at 04:14:27PM +0100, Stefan Hajnoczi wrote:
>> For fd-passing perhaps we have an opportunity to use a callback
>> mechanism (QEMU request: filename -> libvirt response: fd) and do all
>> the image format parsing in QEMU.
>
> The r
On 07/19/11 16:24, Eric Blake wrote:
> [adding the libvir-list]
> On 07/19/2011 08:09 AM, Jes Sorensen wrote:
>> Urgh, libvirt parsing image files is really unfortunate, it really
>> doesn't give me warm fuzzy feelings :( libvirt really should not know
>> about interna
On 07/08/11 10:58, Stefan Hajnoczi wrote:
> On Thu, Jul 7, 2011 at 8:34 PM, Eric Blake wrote:
>> Well, the best thing (from libvirt's point of view) would be if
>> snapshot_blkdev took a single string argument, which is either a
>> /path/to/filename (and qemu does open()) or fd:name notation (to r
Hi,
With the success of last year's Virtualization micro-conference track
at Linux Plumbers 2010, I have accepted to organize a similar track
for Linux Plumbers 2011 in Santa Rosa. Please see the official Linux
Plumbers 2011 website for full details about the conference:
http://www.linuxplumbersco
On 04/22/10 20:47, Anthony Liguori wrote:
> On 04/12/2010 07:23 AM, Jamie Lokier wrote:
>> Some simple but versatile hook ideas:
>>
>> - (no space splitting, one option,
>> appended)
>> - (space splitting multiple options)
>> -
>> -
>> -VALUE
>
> I'd strongly suggest not foc
On 03/23/10 11:25, Gerd Hoffmann wrote:
On 03/23/10 09:54, Jes Sorensen wrote:
One problem I have found, and I am not sure how to fix this in this
context. Sometimes when hacking on qemu, I want to try out a new
qemu binary on an existing image, without replacing the system wide
one and may
On 03/22/10 22:53, Anthony Liguori wrote:
On 03/22/2010 04:33 PM, Gerd Hoffmann wrote:
libvirt is very unfriendly to qemu hackers. There is no easy way to
add command line switches. There is no easy way to get access to the
monitor. I can get it done by pointing to a wrapper script
and mangle t
23 matches
Mail list logo