[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] Add event notification for guest balloon change
From: |
Luiz Capitulino |
Subject: |
Re: [Qemu-devel] [PATCH] Add event notification for guest balloon changes |
Date: |
Fri, 18 May 2012 10:09:34 -0300 |
On Thu, 17 May 2012 16:20:42 -0500
Anthony Liguori <address@hidden> wrote:
> >> Hmm, that's a good point, but my concern was that if we only emit
> >> the event when the target is reached, what happens if the guest
> >> gets very close to the target but never actually reaches it for
> >> some reason.
> >
> > Having a way to detect the last balloon change would be perfect.
>
> libvirt certainly would have to maintain a timeout and make a decision on
> what
> to do if the guest doesn't balloon to target. Not sure how having events
> help
> at all here.
I meant that if there's a way to detect the last balloon change, then
that's the time we could emit BALLOON_CHANGE (vs. emitting only when the
target is reached). I don't think the timeout is a bad idea, though.
> >> Should we perhaps just rate limit it to once per second ?
> >>
> >> BTW, if we're considering guest initiated events to be a potential
> >> DOS in this way, then I should point out the RTC_CHANGE event
> >> will already suffer this way, if a malicious guest continually
> >> adjusts its hardware close. So we might want to apply rate limiting
> >> to that event too ?
> >
> > I think several events can suffer from that. For example, a VNC
> > client could repeatedly connect& disconnect from QEMU. If we're going
> > to fix this, then we'd need a general solution for it.
>
> No, VNC clients are a whole different ballgame. VNC connections will only
> happen from the management network, we don't worry about memory allocation
> from
> malicious VNC clients.
That's true, but as far as an event floods are concerned, I'm not completely
sure we should trust the management network.
But that was only an example, I think that the SUSPENDED event could also
be used by a malicious guests the way Daniel describes above.