[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Re: [PATCH 5/5] Port apic to new VMState design
|
From: |
Reimar Döffinger |
|
Subject: |
Re: [Qemu-devel] Re: [PATCH 5/5] Port apic to new VMState design |
|
Date: |
Wed, 19 Aug 2009 11:16:22 +0200 |
|
User-agent: |
Mutt/1.5.20 (2009-06-14) |
On Wed, Aug 19, 2009 at 11:07:19AM +0200, Gerd Hoffmann wrote:
> >> When you are able modify the savevm state you already have access to the
> >> host ...
> >
> > Huh? Being able to modify the savevm state is not the same as being able
> > to run arbitrary code on the host.
>
> Yes, in theory. And in practice? What is the point in allowing remote
> write access to savevm state?
E.g. migration between entities that do not 100% trust each other?
Or debugging, a user does savevm and a developer can look at it and
debug after loadvm?
> > Currently there is no way you could even consider running a savevm from
> > an untrusted source, but I think that is just because of qemu's current
> > implementation, not because it has to be.
>
> Getting that right is a pretty big job though ...
I said that already, but I don't think that's a valid excuse to not
consider that _for the design of a new API_. Unless you enjoy designing
a new API every few months...
- [Qemu-devel] Re: [PATCH 4/5] New VMstate save/load infrastructure, (continued)
[Qemu-devel] [PATCH 5/5] Port apic to new VMState design, Juan Quintela, 2009/08/18
Re: [Qemu-devel] Re: [PATCH 5/5] Port apic to new VMState design, Gerd Hoffmann, 2009/08/19
Re: [Qemu-devel] Re: [PATCH 5/5] Port apic to new VMState design, Reimar Döffinger, 2009/08/19
Message not availableMessage not availableRe: [Qemu-devel] Re: [PATCH 5/5] Port apic to new VMState design,
Reimar Döffinger <=
Re: [Qemu-devel] [PATCH RFC 0/5] New VMState table based load/save infrastructure, Gerd Hoffmann, 2009/08/19