Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events

[Eric Blake]

On 06/23/2017 08:02 AM, Tomáš Golembiovský wrote:
> This is just a draft, or a request for comments if you will.
> 
> This patch sets drafts the support of sending events by QEMU Guest Agent.
> Events can plan important role in monitoring of the guest OS behaviour. The
> range of use cases ranges from events important for scheduling, e.g. memory 
> and
> CPU usage statistics, to things like changes to IP addresses on network
> interfaces to for example changes in the list of active users.
> 
> For now the patch set adds single periodic callback function to the GA main
> loop that can perform checks and trigger events that have occured since
> previous run of the callback.

How do we guarantee that the guest cannot flood qemu with too many events?

Obviously, qga is already used where we (in general) trust the guest to
not be malicious, but we still have to assume that a guest can be
compromised, and will try to abuse qga to escape to an attack against qemu.

> 
> We can of course take it one step further and add a general framwork for
> periodically running any of the already implemented commands. Add a function
> that would maintain a list of registered checks. Client would use some command
> (register-monitor-command) passing it a command name and timeout in seconds 
> and
> the monitoring handler would then run the specified command and report the
> result... or report only if the return value changed since previous 
> invocation.
> This feature would remove part of the communication overhead between client 
> and
> GA.
> 
> So before I invest any more time in either of these approaches, tell me. Would
> somethign like this be wanted or is that too controversial? Any other thoughts
> and ideas?
> 
-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org

signature.asc
Description: OpenPGP digital signature