From: Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
To: Anthony Liguori <anthony-rdkfGonbjUSkNkDKm+mE6A@public.gmane.org>
Cc: kvm-devel
	<kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>,
	lguest <lguest-mnsaURCQ41sdnm+yROfE0A@public.gmane.org>,
	virtualization-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
Subject: Re: [kvm-devel] [RFC PATCH 0/4] Inter-guest virtio I/O example with lguest
Date: Thu, 20 Mar 2008 16:27:45 +0200
Message-ID: <47E27461.4090404@qumranet.com>
In-Reply-To: <47E26CC1.8080900-rdkfGonbjUSkNkDKm+mE6A@public.gmane.org>

Anthony Liguori wrote:
> Avi Kivity wrote:
>> Rusty Russell wrote:
>>  
>>> Hi all,
>>>
>>>    Just finished my prototype of inter-guest virtio, using 
>>> networking as an example.  Each guest mmaps the other's address 
>>> space and uses a FIFO for notifications.
>>>
>>>       
>>
>> Isn't that a security hole (hole? chasm)?  If the two guests can 
>> access each other's memory, they might as well be just one guest, and 
>> communicate internally.
>>   
>
> Each guest's host userspace mmaps the other guest's address space.  
> The userspace then does a copy on both the tx and rx paths.
>

Well, that's better security-wise (I'd still prefer to avoid it, so we 
can run each guest under a separate uid), but then we lose performance-wise.

> Conceivably, this could be done as a read-only mapping so that each 
> guest userspace copies only the rx packets.  That's about as secure as 
> you're going to get with this approach I think.
>

Maybe we can terminate the virtio queue in the host kernel as a pipe, 
and splice pipes together.

That gives us guest-guest and guest-process communications, and if you 
use aio the kernel can use a dma engine for the copy.

-- 
error compiling committee.c: too many arguments to function
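
Added example, not part of the original message or of the lguest/kvm code: a Linux C sketch of the read-only mapping idea quoted above, in which the receiving side maps the peer's backing file `PROT_READ` through an `O_RDONLY` descriptor, copies one rx packet out, and checks that the kernel refuses to upgrade the mapping to writable. The temp-file path, sizes, packet bytes and function names are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#define GUEST_MEM_SIZE 4096   /* constructed: one page standing in for peer guest memory */
#define PKT_OFF 128           /* constructed: offset of an rx packet in that memory */
static const char PKT[] = "constructed-rx-packet";

/* Build a stand-in backing file and keep only an O_RDONLY descriptor to it. */
static int open_peer_readonly(void)
{
    char path[] = "/tmp/peer-guest-XXXXXX";
    int rw = mkstemp(path);
    if (rw < 0)
        return -1;
    int ok = ftruncate(rw, GUEST_MEM_SIZE) == 0 &&
             pwrite(rw, PKT, sizeof(PKT), PKT_OFF) == (ssize_t)sizeof(PKT);
    int ro = ok ? open(path, O_RDONLY) : -1;
    unlink(path);
    close(rw);                /* the writable handle belongs to the "peer", not to us */
    return ro;
}

/* Returns 0 if the packet was copied out AND write access was refused. */
int rx_copy_readonly(char *out, size_t outlen)
{
    int fd = open_peer_readonly();
    if (fd < 0)
        return -1;
    void *peer = mmap(NULL, GUEST_MEM_SIZE, PROT_READ, MAP_SHARED, fd, 0);
    close(fd);
    if (peer == MAP_FAILED)
        return -1;
    int rc = -1;
    if (outlen >= sizeof(PKT)) {
        memcpy(out, (char *)peer + PKT_OFF, sizeof(PKT));   /* the rx-side copy */
        errno = 0;
        /* A shared mapping of an O_RDONLY fd cannot be made writable: EACCES. */
        if (mprotect(peer, GUEST_MEM_SIZE, PROT_READ | PROT_WRITE) == -1 &&
            errno == EACCES)
            rc = 0;
    }
    munmap(peer, GUEST_MEM_SIZE);
    return rc;
}

int main(void) { char b[64]; return rx_copy_readonly(b, sizeof(b)) ? 1 : 0; }
```

The read-only guarantee here rests on the descriptor's open mode, so the receiving process must still be permitted to open the peer's backing file at all.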
