[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC 2/3] QMP: rate limit BLOCK_IO_ERROR
From: |
Paolo Bonzini |
Subject: |
Re: [Qemu-devel] [RFC 2/3] QMP: rate limit BLOCK_IO_ERROR |
Date: |
Sun, 17 Aug 2014 08:08:14 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 |
Il 11/08/2014 13:15, Daniel P. Berrange ha scritto:
>> > 1. Don't throttle. Client can rely on events as long as it keeps the
>> > QMP connection alive. Client should poll after establishing the QMP
>> > connection.
> A malicious guest OS can flood libvirt with events in this way. Of course
> even if we throttle, a compromised QEMU can still flood libvirt. The only
> fail-safe protection is for libvirt to detect flooding and throttle the
> rate at which it talks to the (malicious) QEMU.
>
If you use rerror=stop,werror=stop, only a limited error can be passed
down to libvirt before libvirt invokes the "cont" command and there's no
need to do any throttling.
Paolo