From mboxrd@z Thu Jan 1 00:00:00 1970
From: Anthony Liguori
Subject: Re: [PATCH qemu-kvm] Add raw(af_packet) network backend to qemu
Date: Wed, 27 Jan 2010 13:54:08 -0600
Message-ID: <4B6099E0.40101@codemonkey.ws>
References: <4B5F54E8.3080507@codemonkey.ws> <4B5F5594.6080006@codemonkey.ws>
 <20100127092451.GC3476@redhat.com> <4B60488F.5020506@codemonkey.ws>
 <20100127165909.GA13260@redhat.com> <4B6072E1.7030702@codemonkey.ws>
 <20100127172536.GD13260@redhat.com> <4B60799F.80708@codemonkey.ws>
 <1264614895.20320.35.camel@w-sridhar.beaverton.ibm.com>
 <4B607FBA.2070902@codemonkey.ws> <20100127180338.GB13730@redhat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Sridhar Samudrala , avi@redhat.com, markmc@redhat.com,
 ogerlitz@voltaire.com, kvm@vger.kernel.org, qemu-devel@vger.kernel.org
To: "Michael S. Tsirkin"
Return-path:
Received: from mail-iw0-f186.google.com ([209.85.223.186]:46871 "EHLO
 mail-iw0-f186.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
 with ESMTP id S1753820Ab0A0TyP (ORCPT ); Wed, 27 Jan 2010 14:54:15 -0500
In-Reply-To: <20100127180338.GB13730@redhat.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 01/27/2010 12:03 PM, Michael S. Tsirkin wrote:
> On Wed, Jan 27, 2010 at 12:02:34PM -0600, Anthony Liguori wrote:
>
>> On 01/27/2010 11:54 AM, Sridhar Samudrala wrote:
>>
>>> I too think that we should not block raw backend in qemu just because of
>>> security reasons. It should be perfectly fine to use raw backend in
>>> scenarios where qemu can be run as a privileged process.
>>>
>>> libvirt need not support raw backend until we figure out a secure way to
>>> start qemu when passing raw fd. using network namespaces seems like a
>>> good option.
>>>
>>>
>> Introducing something that is known to be problematic from a security
>> perspective without any clear idea of what the use-case for it is is a
>> bad idea IMHO.
>>
> vepa on existing kernels is one use-case.
>

Considering VEPA enabled hardware doesn't exist today and the standards
aren't even finished being defined, I don't think it's a really strong
use case ;-)

Regards,

Anthony Liguori

>> Regards,
>>
>> Anthony Liguori
>>
>>
>>> Thanks
>>> Sridhar
>>>