From: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
To: "Michael S. Tsirkin" <mst@redhat.com>
Cc: pkrempa@redhat.com, berrange@redhat.com,
Eduardo Habkost <ehabkost@redhat.com>,
aadam@redhat.com, qemu-devel@nongnu.org, laine@redhat.com,
jdenemar@redhat.com, Jens Freimann <jfreimann@redhat.com>,
ailan@redhat.com
Subject: Re: [Qemu-devel] [PATCH 3/4] net/virtio: add failover support
Date: Mon, 3 Jun 2019 09:06:46 +0100 [thread overview]
Message-ID: <20190603080645.GA2640@work-vm> (raw)
In-Reply-To: <20190531164209-mutt-send-email-mst@kernel.org>
* Michael S. Tsirkin (mst@redhat.com) wrote:
> On Fri, May 31, 2019 at 07:45:13PM +0100, Dr. David Alan Gilbert wrote:
> > * Michael S. Tsirkin (mst@redhat.com) wrote:
> > > On Fri, May 31, 2019 at 02:01:54PM -0300, Eduardo Habkost wrote:
> > > > > Yes. It's just lots of extremely low level interfaces
> > > > > and all rather pointless.
> > > > >
> > > > > And down the road extensions like surprise removal support will make it
> > > > > all cleaner and more transparent. Floating things up to libvirt means
> > > > > all these low level details will require more and more hacks.
> > > >
> > > > Why do you call it pointless?
> > >
> > > We'd need APIs to manipulate device visibility to guest, hotplug
> > > controller state and separately manipulate the resources allocated. This
> > > is low level stuff that users really have no idea what to do about.
> > > Exposing such a level of detail to management is imho pointless.
> > > We are better off with a high level API, see below.
> >
> > so I don't know much about vfio; but to me it strikes me that
> > you wouldn't need that low level detail if we just reworked vfio
> > to look more like all our other devices; something like:
> >
> > -vfiodev host=02:00.0,id=gpu
> > -device vfio-pci,dev=gpu
> >
> > The 'vfiodev' would own the resources; so to do this trick, the
> > management layer would:
> > hotunplug the vfio-pci
> > migrate
> >
> > if anything went wrong it would
> > hotplug the vfio-pci backin
> >
> > you wouldn't have free'd up any resources because they belonged
> > to the vfiodev.
>
>
> IIUC that doesn't really work with passthrough
> unless guests support surprise removal.
Why? The view from the guest here is just like what this series
has added without the special hack.
Dave
>
> > > > If we want this to work before
> > > > surprise removal is implemented, we need to provide an API that
> > > > works for management software.
> > > > Don't we want to make this work
> > > > without surprise removal too?
> > >
> > > This patchset adds an optional, off by default support for
> > > migrating guests with an assigned network device.
> > > If enabled this requires guest to allow migration.
> > >
> > > Of course this can be viewed as a security problem since it allows guest
> > > to block migration. We can't detect a malicious guest reliably imho.
> > > What we can do is report to management when guest allows migration.
> > > Policy such what to do when this does not happen for a while and
> > > what timeout to set would be up to management.
> > >
> > > The API in question would be a high level one, something
> > > along the lines of a single "guest allowed migration" event.
> >
> > This is all fairly normal problems with hot unplugging - that's
> > already dealt with at higher levels for normal hot unplugging.
> >
> > The question here is to try to avoid duplicating that fairly
> > painful process in qemu.
> >
> > Dave
> > >
> > > --
> > > MST
> > --
> > Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
--
Dr. David Alan Gilbert / dgilbert@redhat.com / Manchester, UK
next prev parent reply other threads:[~2019-06-03 8:19 UTC|newest]
Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-17 12:58 [Qemu-devel] [PATCH 0/4] add failover feature for assigned network devices Jens Freimann
2019-05-17 12:58 ` [Qemu-devel] [PATCH 1/4] migration: allow unplug during migration for failover devices Jens Freimann
2019-05-21 9:33 ` Dr. David Alan Gilbert
2019-05-21 9:47 ` Daniel P. Berrangé
2019-05-23 8:01 ` Jens Freimann
2019-05-23 15:37 ` Dr. David Alan Gilbert
2019-05-17 12:58 ` [Qemu-devel] [PATCH 2/4] qdev/qbus: Add hidden device support Jens Freimann
2019-05-21 11:33 ` Michael S. Tsirkin
2019-05-17 12:58 ` [Qemu-devel] [PATCH 3/4] net/virtio: add failover support Jens Freimann
2019-05-21 9:45 ` Dr. David Alan Gilbert
2019-05-30 14:56 ` Jens Freimann
2019-05-30 17:46 ` Michael S. Tsirkin
2019-05-30 18:00 ` Dr. David Alan Gilbert
2019-05-30 18:09 ` Michael S. Tsirkin
2019-05-30 18:22 ` Eduardo Habkost
2019-05-30 23:06 ` Michael S. Tsirkin
2019-05-31 17:01 ` Eduardo Habkost
2019-05-31 18:04 ` Michael S. Tsirkin
2019-05-31 18:42 ` Eduardo Habkost
2019-05-31 18:45 ` Dr. David Alan Gilbert
2019-05-31 20:29 ` Alex Williamson
2019-05-31 21:05 ` Michael S. Tsirkin
2019-05-31 21:59 ` Eduardo Habkost
2019-06-03 8:59 ` Dr. David Alan Gilbert
2019-05-31 20:43 ` Michael S. Tsirkin
2019-05-31 21:03 ` Eduardo Habkost
2019-06-03 8:06 ` Dr. David Alan Gilbert [this message]
2019-05-30 19:08 ` Dr. David Alan Gilbert
2019-05-30 19:21 ` Michael S. Tsirkin
2019-05-31 8:23 ` Dr. David Alan Gilbert
2019-06-05 15:23 ` Daniel P. Berrangé
2019-05-30 18:17 ` Eduardo Habkost
2019-05-30 19:09 ` Dr. David Alan Gilbert
2019-05-31 21:47 ` Eduardo Habkost
2019-06-03 8:24 ` Jens Freimann
2019-06-03 9:26 ` Jens Freimann
2019-06-03 18:10 ` Laine Stump
2019-06-03 18:46 ` Alex Williamson
2019-06-05 15:20 ` Daniel P. Berrangé
2019-06-06 15:00 ` Roman Kagan
2019-06-03 19:36 ` Eduardo Habkost
2019-06-04 13:43 ` Jens Freimann
2019-06-04 14:09 ` Eduardo Habkost
2019-06-04 17:06 ` Michael S. Tsirkin
2019-06-04 19:00 ` Dr. David Alan Gilbert
2019-06-07 14:14 ` Jens Freimann
2019-06-07 14:32 ` Michael S. Tsirkin
2019-06-07 17:51 ` Dr. David Alan Gilbert
2019-06-05 14:36 ` Daniel P. Berrangé
2019-06-05 16:04 ` Laine Stump
2019-06-05 16:19 ` Daniel P. Berrangé
2019-05-17 12:58 ` [Qemu-devel] [PATCH 4/4] vfio/pci: unplug failover primary device before migration Jens Freimann
2019-05-20 22:56 ` [Qemu-devel] [PATCH 0/4] add failover feature for assigned network devices Alex Williamson
2019-05-21 7:21 ` Jens Freimann
2019-05-21 11:37 ` Michael S. Tsirkin
2019-05-21 18:49 ` Jens Freimann
2019-05-29 0:14 ` si-wei liu
2019-05-29 2:54 ` Michael S. Tsirkin
2019-06-03 18:06 ` Laine Stump
2019-06-03 18:12 ` Michael S. Tsirkin
2019-06-03 18:18 ` Laine Stump
2019-06-06 21:49 ` Michael S. Tsirkin
2019-05-29 2:40 ` Michael S. Tsirkin
2019-05-29 7:48 ` Jens Freimann
2019-05-30 18:12 ` Michael S. Tsirkin
2019-05-31 15:12 ` Jens Freimann
2019-05-21 14:18 ` Alex Williamson
2019-05-21 8:37 ` Daniel P. Berrangé
2019-05-21 10:10 ` Michael S. Tsirkin
2019-05-21 19:17 ` Jens Freimann
2019-05-21 21:43 ` Michael S. Tsirkin
2019-06-11 15:42 ` Laine Stump
2019-06-11 15:51 ` Michael S. Tsirkin
2019-06-11 16:12 ` Laine Stump
2019-06-12 9:11 ` Daniel P. Berrangé
2019-06-12 11:59 ` Jens Freimann
2019-06-12 15:54 ` Laine Stump
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190603080645.GA2640@work-vm \
--to=dgilbert@redhat.com \
--cc=aadam@redhat.com \
--cc=ailan@redhat.com \
--cc=berrange@redhat.com \
--cc=ehabkost@redhat.com \
--cc=jdenemar@redhat.com \
--cc=jfreimann@redhat.com \
--cc=laine@redhat.com \
--cc=mst@redhat.com \
--cc=pkrempa@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.