qemu-devel

Re: [Qemu-devel] Re: Spice project is now open


From: Dor Laor
Subject: Re: [Qemu-devel] Re: Spice project is now open
Date: Sun, 13 Dec 2009 00:35:05 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.4pre) Gecko/20090922 Fedora/3.0-3.9.b4.fc12 Lightning/1.0pre Thunderbird/3.0b4 ThunderBrowse/3.2.6.8

On 12/12/2009 07:40 PM, Anthony Liguori wrote:
> If Spice can crash a guest, that indicates to me that Spice is
> maintaining guest visible state.  That is difficult architecturally
> because if we want to do something like introduce a secure sandbox for
> running guest visible emulation, libspice would have to be part of that
> sandbox which would seem to be difficult.
>
> The VNC server cannot crash a guest by comparison.

That's not accurate:
https://bugzilla.redhat.com/show_bug.cgi?id=505641 - (CVE-2009-3616) CVE-2009-3616 Remote VNC client can cause any QEMU VNC server to crash with a double-free

and again: https://bugzilla.redhat.com/show_bug.cgi?id=495646 - Get segfault when changing vnc password


Why should the vnc server code be protected and the spice server not?
In addition, like Izik said, the qxl device/driver pair is a must. QXL is a great addition even in 'old' vnc mode since it supports lots of goodies. In addition to caching, it also allows s3 state (qxl d3) for the OS, unlike Cirrus.

More VNC bugs that we run into:

https://bugzilla.redhat.com/show_bug.cgi?id=507880 - qemu hangs during VNC connection from RHEVM
https://bugzilla.redhat.com/show_bug.cgi?id=490344 - QEMU: Cannot VNC to a VM if a VNC is already opened to it
https://bugzilla.redhat.com/show_bug.cgi?id=497524 - QEMU: Early BIOS error message cannot be seen after reboot in VNC
https://bugzilla.redhat.com/show_bug.cgi?id=501263 - KVM: VNC screen is sometimes corrupted (at boot?)


If we break spice into components we have the following (and I'm not a spice expert):
1. QXL device/driver pair
   Does anyone debate that we should have it in qemu?
   We should attach it to the SDL and vnc backends too anyway.
2. VDI (Virtual Desktop Interface)
   http://www.spice-space.org/vdi.html
   It's an abstraction layer for graphics/keyboard/mouse/sound
   /usb/serial.
   We need it anyway regardless of spice. What if our user would like to
   switch from vnc to SDL at runtime? It's good for usb-over-ip for
   remoting, for various mouse modes, etc.
3. Spice server
   Shared library, in the same address space of qemu (like vnc server).
   Very sophisticated piece of code.
4. Spice client - independent.

So #1 shouldn't run into any opposition.
We can discuss why #2 is good; the layering separation between guest/host seems like a good idea to me. As for #3, this is a library. If we have #2, one can even use a separate address space for sanity reasons. From my experience with spice (through all Red Hat QA), 99.9% of failures originated in qemu.

HTH,
Dor



> FWIW, I don't see any reason why Spice couldn't be made to be separate
> from guest emulation.  I think it would just require the right
> interfacing in qemu.  I think that's purely an implementation detail.
>
> Regards,
>
> Anthony Liguori




