Re: [Qemu-devel] [RFC PATCH 1/6] utils/python_api: add scripting interface for Qemu with python lib

[Stefan Hajnoczi]

On Thu, Aug 08, 2019 at 11:53:07AM +0100, Daniel P. Berrangé wrote:
> On Thu, Aug 08, 2019 at 11:10:13AM +0100, Stefan Hajnoczi wrote:
> > On Wed, Aug 07, 2019 at 12:20:47PM +0200, Philippe Mathieu-Daudé wrote:
> > > > +void python_args_clean(char *args[], int nargs)
> > > > +{
> > > > +    for (int i = 0; i < nargs; i++) {
> > > > +        g_free(args[i]);
> > > > +    }
> > > > +}
> > > > 
> > > 
> > > Wondering about security, is this feature safe to enable in production
> > > environment? It seems to bypass all the hard effort to harden QEMU 
> > > security.
> > 
> > This seems like a feature that distros would not enable.  Only users
> > building QEMU from source could enable it.
> 
> Well that's true when this scripting is only used from one obscure ppc
> device. Once merged though, its inevitable that people will want to
> extend scripting to more & more parts of QEMU code. This is a big can
> of worms...

When it gets used in new contexts it will be necessary to address
problems or accept that it is unsuitable for those use cases.  Starting
simple and dealing with challenges as and when necessary seems okay to
me.

I think we should give features a chance in QEMU if there is a
maintainer to support them.  I don't want to use this feature myself and
I see lots of issues with it for my use cases, but if it is compiled out
and doesn't place many requirements on code that does not use it, let's
give it a chance.

My main concern is licensing.  I think the QEMU Python API should be GPL
licensed because these scripts are executing as part of the QEMU
process.

Beyond that, let's see if people find this feature useful.  Maybe it
will die and be removed, maybe it will become popular and we'll have to
change our perspective :).

Stefan

signature.asc
Description: PGP signature