[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] KVM call for 2017-03-14
|
From: |
Stefan Hajnoczi |
|
Subject: |
Re: [Qemu-devel] KVM call for 2017-03-14 |
|
Date: |
Tue, 14 Mar 2017 16:03:38 +0800 |
|
User-agent: |
Mutt/1.7.1 (2016-10-04) |
On Mon, Mar 13, 2017 at 03:12:07PM +0100, Juan Quintela wrote:
> Peter Maydell <address@hidden> wrote:
> > On 12 March 2017 at 21:45, Juan Quintela <address@hidden> wrote:
> >>
> >>
> >> Hi
> >>
> >> Please, send any topic that you are interested in covering.
> >>
> >> So far the agenda is:
> >>
> >> - Direction of QEMU and toolstack in light of Google Cloud blog:
> >>
> >> https://cloudplatform.googleblog.com/2017/01/7-ways-we-harden-our-KVM-hypervisor-at-Google-Cloud-security-in-plaintext.html
> >
> >
> > Ah, I'd forgotten that this was on the call agenda. I actually
> > had an interesting conversation with Alex Graf last week about
> > some similar topics, which I guess you could generally summarize
> > as "what are the issues we need to address as a project in order
> > to not become irrelevant in five years time". Since I wrote them
> > up for an internal "what I did on my holi^Wconference trip" report
> > I might as well repost them here:
> >
> > - on the "VM support" side, QEMU is more used because it's the only
> > production-quality option in this space, rather than because its
> > users love it. (cf the Google choice to replace it.) It's also got
> > a pretty poor security record.
>
> On a previous life, I have to work on making qemu pass Common Criteria.
> Not to be able to remove large bits of it that we were not interested
> was a mess (basically we care about kvm + a bunch of devices, but it was
> impossible to remove things like TCG).
There was a project to move the build system to Kconfig. Today some
block drivers can be loaded at run-time instead of built into the QEMU
binary.
Actually we don't need Kconfig if we continue developing module support.
For example, if accelerators become modules then you simply don't ship
or load the TCG and qtest modules.
ISTR the next are to modularize was ui/ so that GTK, SDL, SPICE, etc can
be loaded on-demand and do not need to be included in the core QEMU
package.
Stefan
signature.asc
Description: PGP signature
- [Qemu-devel] KVM call for 2017-03-14, Juan Quintela, 2017/03/12
- Re: [Qemu-devel] KVM call for 2017-03-14, Peter Maydell, 2017/03/13
- Re: [Qemu-devel] KVM call for 2017-03-14, Alex Bennée, 2017/03/13
- Re: [Qemu-devel] KVM call for 2017-03-14, Juan Quintela, 2017/03/13
- Re: [Qemu-devel] KVM call for 2017-03-14, Stefan Hajnoczi, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Peter Maydell, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Juan Quintela, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Peter Maydell, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Christian Borntraeger, 2017/03/15
- Re: [Qemu-devel] KVM call for 2017-03-14, Greg Kurz, 2017/03/15
- Re: [Qemu-devel] KVM call for 2017-03-14, Laurent Vivier, 2017/03/15
- Re: [Qemu-devel] KVM call for 2017-03-14, Greg Kurz, 2017/03/15
- Re: [Qemu-devel] KVM call for 2017-03-14, Dr. David Alan Gilbert, 2017/03/14
- Re: [Qemu-devel] KVM call for 2017-03-14, Daniel P. Berrange, 2017/03/14