qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] mark nic as trusted

From: Anthony Liguori
Subject: Re: [Qemu-devel] [PATCH] mark nic as trusted
Date: Thu, 08 Jan 2009 13:58:31 -0600
User-agent: Thunderbird 2.0.0.19 (X11/20090105) 
Gleb Natapov wrote:

On Wed, Jan 07, 2009 at 01:26:05PM -0600, Anthony Liguori wrote:

Gleb Natapov wrote:

On Wed, Jan 07, 2009 at 11:54:29AM -0600, Anthony Liguori wrote:

Anthony Liguori wrote:

That is for secure guest<->host communication over network. Guest has to
know somehow which link host uses for communication. If guest has no way
to know this, another computer on untrusted network can pretend it is real host and "own" a guest.
So this is for vmchannel? How do you differentiate a real device with that bit set compared to the vmchannel device? 
Like if you were doing PCI passthrough of an e1000...


It's not just one bit. It is 14 byte string. We can put something unique there.

This is for vmchannel?  Why not add a feature to virtio-net?


Yes. This is for vmchannel. Or any other management solution that work
over network. It has to know what network it can trust. The alternative
is much more complex (security certificates, etc).  Why do it virtio-net
specific? What's wrong with more general solution?
Does Windows provide an API for determining "trustedness"? How is this exposed to userspace in Linux?
The thinking behind virtio-net is that you may want to expose a different userspace interface in Windows than networking (maybe something more direct) since it may be impossible to get around the Windows firewalling nonsense. With virtio-net, you could have the Windows driver check the special "vmchannel" flag and present a different userspace interface than the traditional network driver. 

Although that's just a thought.

Regards,

Anthony Liguori


--
                        Gleb.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]