From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joanna Rutkowska Subject: Re: A few KVM security questions Date: Mon, 07 Dec 2009 14:55:23 +0100 Message-ID: <4B1D094B.5000700@invisiblethingslab.com> References: <4B1CFD93.7090307@invisiblethingslab.com> <4B1D0057.8030707@redhat.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enigD8CA96B2CF4FA4246C4404FD" Cc: kvm@vger.kernel.org To: Avi Kivity Return-path: Received: from out1.smtp.messagingengine.com ([66.111.4.25]:35320 "EHLO out1.smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S935107AbZLGNzX (ORCPT ); Mon, 7 Dec 2009 08:55:23 -0500 In-Reply-To: <4B1D0057.8030707@redhat.com> Sender: kvm-owner@vger.kernel.org List-ID: This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigD8CA96B2CF4FA4246C4404FD Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Avi Kivity wrote: > On 12/07/2009 03:05 PM, Joanna Rutkowska wrote: >> In particular, is >> it possible to move the qemu from the host to one of the VMs? Perhaps = to >> have a separate copy of qemu for each VM? (ala Xen's stub-domains) >> =20 >=20 > It should be fairly easy to place qemu in a guest. You would leave a > simple program on the host to communicate with kvm and pass any data > written by the guest to qemu running in another guest, and feed any > replies back to the guest. >=20 But then you would need to have another qemu (on the host) to support running this "qemu-VM", where we want to put the qemu, right? joanna. --------------enigD8CA96B2CF4FA4246C4404FD Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAksdCU8ACgkQORdkotfEW8666QCgzJTDzAJqaYRntilgLS19/JAY JfYAoPPqh5hK+HJ4mOVGINa3T4rzlp2F =M5hs -----END PGP SIGNATURE----- --------------enigD8CA96B2CF4FA4246C4404FD--