Re: [Qemu-devel] [multiprocess RFC PATCH 00/37] Initial support of multi-process qemu
On Thu, Mar 07, 2019 at 02:27:57PM +0100, Marc-André Lureau wrote: > Hi > > On Thu, Mar 7, 2019 at 11:46 AM Stefan Hajnoczi wrote: > > > > On Wed, Mar 06, 2019 at 11:20:25PM -0800, elena.ufimts...@oracle.com wrote: > > > From: Elena Ufimtseva > > > > > > Initial support of multi-process qemu > > > > Hi Elena, > > Please use the following setting when sending future patch series: > > > > $ git config sendemail.thread shallow > > > > This way all patches are part of a single email thread (starting with > > your PATCH 00 cover letter). Reviewers find this more convenient so > > that individual emails don't get separated and lost. Thanks Stefan, will do. > > > > Please also check that there is no regression after each commit. In > particular, the build shouldn't fail, so we can easily study, apply > and bisect patches one by one. > Yep, we try to make sure each commit builds and will automate for future series as well, maybe with some simple tests. Elena > thanks > > > -- > Marc-André Lureau
Re: [Qemu-devel] [multiprocess RFC PATCH 00/37] Initial support of multi-process qemu
Hi On Thu, Mar 7, 2019 at 11:46 AM Stefan Hajnoczi wrote: > > On Wed, Mar 06, 2019 at 11:20:25PM -0800, elena.ufimts...@oracle.com wrote: > > From: Elena Ufimtseva > > > > Initial support of multi-process qemu > > Hi Elena, > Please use the following setting when sending future patch series: > > $ git config sendemail.thread shallow > > This way all patches are part of a single email thread (starting with > your PATCH 00 cover letter). Reviewers find this more convenient so > that individual emails don't get separated and lost. > Please also check that there is no regression after each commit. In particular, the build shouldn't fail, so we can easily study, apply and bisect patches one by one. thanks -- Marc-André Lureau
Re: [Qemu-devel] [multiprocess RFC PATCH 00/37] Initial support of multi-process qemu
On Wed, Mar 06, 2019 at 11:20:25PM -0800, elena.ufimts...@oracle.com wrote: > From: Elena Ufimtseva > > Initial support of multi-process qemu Hi Elena, Please use the following setting when sending future patch series: $ git config sendemail.thread shallow This way all patches are part of a single email thread (starting with your PATCH 00 cover letter). Reviewers find this more convenient so that individual emails don't get separated and lost. Thanks, Stefan signature.asc Description: PGP signature
[Qemu-devel] [multiprocess RFC PATCH 00/37] Initial support of multi-process qemu
From: Elena Ufimtseva Initial support of multi-process qemu CCing people who were discussing this functionality with Jag during KVM forum last (2018) year to continue the conversation. Started with the presentation in October 2017 made by Marc-Andre (Red Hat) and Konrad Wilk (Oracle) (http://events17.linuxfoundation.org/sites/events/files/slides/KVM%20FORUM%20multi-process.pdf, https://www.youtube.com/watch?v=Kq1-coHh7lg) and continued in the BoF session at the KVM forum in 2018 with Jag leading the discussion, the multi-process project is now in the prototype version and presented by this patchset. The proof of the concept patches were posted on the qemu-devel mailing list before the BoF session at the KVM forum and can be found here: https://www.mail-archive.com/qemu-devel@nongnu.org/msg566538.html This series presents the initial support for QEMU that can launch some of the devices in the remote processes. We would like to present set of RFC patches with some extention to the previous patches and hoping that we can continue working on the patches with the community feedback. Following people contributed to this patchset: John G Johnson Jagannathan Raman Elena Ufimtseva Kanth Ghatraju Great QEMU code is the result of the efforts of many excellent contributors and Coverity (static-analyzer) shows defect density lower than in Linux kernel! >From a security perspective, this is fantastic. But as we all know new features and sometimes even bug-fixes can bring in security bugs. We want to squash them as soon as possible. Also, some of the older code may still have security bugs lurking in it that haven't yet been explored. Hence this patch set aims at minimizing the attack vectors by splitting and minimizing the size of the text _without_ losing the wealth of features. Being able to launch separate processes for emulation of certain subsystems allow for providing for each remote process only the privileges it needs to provide its service, e.g., a disk service could be given access only the the disk images it provides, and not be allowed to access other files, or any network devices. An attacker who compromised this service would not be able to use this exploit to access files or devices beyond what the disk service was given access to. For full concept writeup about QEMU disaggregation refer to docs/devel/qemu-multiprocess.txt. This series has a limited scope and allows QEMU to launch LSI SCSI controller emulation in the separate process and execute HMP commands to manipulate the devices. Please refer to the docs/qemu-multiprocess.txt for usage information. This series is based on qemu upstream (on top of the commit commit 32694e98b8d7a246345448a8f707d2e11d6c65e2). In the future we hope to work on: - live migration; - performance improvements; - support for more devices; - support for CPU disaggregated emulation; We would like to welcome all your ideas, concerns and questions for this patchset. Thank you! Elena Ufimtseva (15): multi-process: add a command line option for debug file multi-process: introduce proxy object multi-process: store info about the remote process multi-process: add command line options rdrive and rdevice multi-process: pass proxy link socket fd to remote process multi-process: configure remote side devices multi-process: add qdev_proxy_add to create proxy devices multi-process: remote: add setup_devices and setup_drive msg processing multi-process: remote: use fd for socket from parent process multi-process: remote: add create_done condition multi-process: add processing of rdrive and rdevice command line multi-process: add heartbeat timer and signal handler multi-process: handle heartbit messages in remote process multi-process: add the concept description to docs/devel/qemu-multiprocess multi-process: add configure and usage information Jagannathan Raman (22): multi-process: memory: alloc RAM from file at offset multi-process: util: Add qemu_thread_cancel() to cancel running thread multi-process: Add stub functions to facilate build of multi-process multi-process: Add config option for multi-process QEMU multi-process: build system for remote device process multi-process: define proxy-link object multi-process: add functions to synchronize proxy and remote endpoints multi-process: setup PCI host bridge for remote device multi-process: setup a machine object for remote device process multi-process: setup memory manager for remote device multi-process: remote process initialization multi-process: PCI BAR write handling for proxy & remote endpoints multi-process: PCI BAR read handling for proxy & remote endpoints multi-process: Add LSI device proxy object multi-process: Synchronize remote memory multi-process: create IOHUB object to handle irq multi-process: Add QMP & HMP commands to list remote processes multi-process: QMP/HMP commands to add a device to the remote process multi-pr
