[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Making QEMU easier for management tools and applications

From: Dr. David Alan Gilbert
Subject: Re: Making QEMU easier for management tools and applications
Date: Thu, 2 Jan 2020 15:10:06 +0000
User-agent: Mutt/1.13.0 (2019-11-30)

* Stefan Hajnoczi (address@hidden) wrote:

> 5. A jailer is needed to isolate the QEMU process and vhost-user
> device backends using seccomp, Linux namespaces, and maybe
> SELinux/AppArmor.  We used to be able to rely on libvirt for QEMU
> security, but it's becoming a common task for any device backend and
> IMO should be its own launcher tool.

It feels like there's two parts to this:
  a) The sandboxing at startup
  b) Then whatever comms is needed to allow things like hotplugging
    afterwards, passing fd's etc

you'd think (a) would be some code that would be shared between logs of


> 6. A configuration file format is sorely needed so that guest
> configuration can be persisted and easily launched.  Today you have to
> create a shell script that executes a QEMU command-line, but this is
> suboptimal because sharing executable scripts is dangerous from a
> security perspective and is hard to parse or modify programmatically.
> In many of these areas we already have a partial solution.  It just
> needs more work.  I think it would be worth the effort and the mental
> shift to really providing APIs that are easy to use by applications.
> What do you think?
> Have I missed things that are needed?
> Have I included things that are unnecessary?
> Stefan
Dr. David Alan Gilbert / address@hidden / Manchester, UK

reply via email to

[Prev in Thread] Current Thread [Next in Thread]