Re: [Qemu-devel] [PATCH 0/2 v3] kvm: notify host when guest panicked
From: Wen Congyang
Subject: Re: [Qemu-devel] [PATCH 0/2 v3] kvm: notify host when guest panicked
Date: Wed, 14 Mar 2012 19:06:50 +0800
At 03/14/2012 06:59 PM, Daniel P. Berrange Wrote:
> On Wed, Mar 14, 2012 at 06:58:47PM +0800, Wen Congyang wrote:
>> At 03/14/2012 06:52 PM, Avi Kivity Wrote:
>>> On 03/14/2012 12:52 PM, Wen Congyang wrote:
>>>>>
>>>>>> If so, is this channel visible to guest userspace? If the channel is
>>>>>> visible to guest userspace, the program running in userspace may write
>>>>>> the same message to the channel.
>>>>>
>>>>> Access control is via permissions. You can have udev scripts assign
>>>>> whatever uid and gid to the port of your interest. By default, all
>>>>> ports are only accessible to the root user.
>>>>
>>>> We should also prevent root user writing message to this channel if it is
>>>> used for panicked notification.
>>>>
>>>
>>> Why? root can easily cause a panic.
>>>
>>
>> root user can write the same message to virtio-serial while the guest is
>> running...
>
> Unless you are running a MAC policy which strictly confines the root
> account, root can cause a kernel panic regardless of virtio-serial
> permissions in the guest:
>
> echo c > /proc/sysrq-trigger

Yes, root user can cause a kernel panic. But if he writes the same message to
virtio-serial, the host will see the guest is panicked while the guest is not
panicked. The host is cheated.

If we use vmcall, and the user causes a kernel panic, we can also know the
guest is panicked.

It is the thing that we need. We need to know the guest is panicked, and we
are not aware of why it is panicked. If the guest is not panicked, and the
host thinks the guest is panicked, it is not the thing we need.

Thanks
>
> Regards,
> Daniel