From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@redhat.com>
Subject: Idea: fuse-kvm filesystem
Date: Thu, 10 May 2012 15:29:54 +0300
Message-ID: <4FABB4C2.3050601@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
To: KVM list <kvm@vger.kernel.org>, qemu-devel <qemu-devel@nongnu.org>,
	"Richard W.M. Jones" <rjones@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:14167 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1759404Ab2EJMaA (ORCPT <rfc822;kvm@vger.kernel.org>);
	Thu, 10 May 2012 08:30:00 -0400
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Currently when you mount a filesystem, you face two issues:
- you have to be root
- if the media is untrusted, it can exploit your kernel

With kvm and fuse, we can have a virtualized kernel mount the
filesystem, and re-export to the host, which mounts it using a fuse
interface.  This solves both problems, at the expense of speed and
simplicity.  In theory this can be used for mounting untrusted USB
sticks (perhaps only for the less well tested filesystems).

-- 
error compiling committee.c: too many arguments to function


From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:36686)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <avi@redhat.com>) id 1SSSVS-00089b-HC
	for qemu-devel@nongnu.org; Thu, 10 May 2012 08:30:13 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <avi@redhat.com>) id 1SSSVM-0007sL-Ch
	for qemu-devel@nongnu.org; Thu, 10 May 2012 08:30:06 -0400
Received: from mx1.redhat.com ([209.132.183.28]:64599)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <avi@redhat.com>) id 1SSSVM-0007s0-4z
	for qemu-devel@nongnu.org; Thu, 10 May 2012 08:30:00 -0400
Message-ID: <4FABB4C2.3050601@redhat.com>
Date: Thu, 10 May 2012 15:29:54 +0300
From: Avi Kivity <avi@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: [Qemu-devel] Idea: fuse-kvm filesystem
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: KVM list <kvm@vger.kernel.org>, qemu-devel <qemu-devel@nongnu.org>, "Richard W.M. Jones" <rjones@redhat.com>

Currently when you mount a filesystem, you face two issues:
- you have to be root
- if the media is untrusted, it can exploit your kernel

With kvm and fuse, we can have a virtualized kernel mount the
filesystem, and re-export to the host, which mounts it using a fuse
interface.  This solves both problems, at the expense of speed and
simplicity.  In theory this can be used for mounting untrusted USB
sticks (perhaps only for the less well tested filesystems).

-- 
error compiling committee.c: too many arguments to function