Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events

From:	Tomáš Golembiovský
Subject:	Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events
Date:	Thu, 13 Jul 2017 10:51:11 +0200

On Fri, 7 Jul 2017 15:55:31 -0500
Eric Blake <address@hidden> wrote:

> On 06/23/2017 08:02 AM, Tomáš Golembiovský wrote:
> > This is just a draft, or a request for comments if you will.
> > 
> > This patch sets drafts the support of sending events by QEMU Guest Agent.
> > Events can plan important role in monitoring of the guest OS behaviour. The
> > range of use cases ranges from events important for scheduling, e.g. memory 
> > and
> > CPU usage statistics, to things like changes to IP addresses on network
> > interfaces to for example changes in the list of active users.
> > 
> > For now the patch set adds single periodic callback function to the GA main
> > loop that can perform checks and trigger events that have occured since
> > previous run of the callback.  
> 
> How do we guarantee that the guest cannot flood qemu with too many events?
> 
> Obviously, qga is already used where we (in general) trust the guest to
> not be malicious, but we still have to assume that a guest can be
> compromised, and will try to abuse qga to escape to an attack against qemu.
> 

If you mean situation where something in guest will be triggering events
that qga will be sending then we can implement some throttling in qga. I
belive qemu does something similar for QMP events.

But if you're considering situation where something kills qga and will
attach itself to the serial channel then this is of course more
complex issue.

> > 
> > We can of course take it one step further and add a general framwork for
> > periodically running any of the already implemented commands. Add a function
> > that would maintain a list of registered checks. Client would use some 
> > command
> > (register-monitor-command) passing it a command name and timeout in seconds 
> > and
> > the monitoring handler would then run the specified command and report the
> > result... or report only if the return value changed since previous 
> > invocation.
> > This feature would remove part of the communication overhead between client 
> > and
> > GA.
> > 
> > So before I invest any more time in either of these approaches, tell me. 
> > Would
> > somethign like this be wanted or is that too controversial? Any other 
> > thoughts
> > and ideas?
> >   
> -- 
> Eric Blake, Principal Software Engineer
> Red Hat, Inc.           +1-919-301-3266
> Virtualization:  qemu.org | libvirt.org
> 


-- 
Tomáš Golembiovský <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events, Tomáš Golembiovský, 2017/07/07
- Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events, Eric Blake, 2017/07/07
  - Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events, Tomáš Golembiovský <=

Prev by Date: Re: [Qemu-devel] [PATCH v3 4/4] intel_iommu: implement mru list for iotlb
Next by Date: Re: [Qemu-devel] [PATCH V2 2/8] qapi: add compress parameters to Qcow2 Blockdev options
Previous by thread: Re: [Qemu-devel] [RFC 0/3] qemu-ga: support for sending events
Next by thread: Re: [Qemu-devel] [RFC 1/3] qemu-ga: add support for events
Index(es):
- Date
- Thread