From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@redhat.com>
Subject: Re: Secure KVM
Date: Mon, 07 Nov 2011 21:54:32 +0200
Message-ID: <4EB83778.5000306@redhat.com>
References: <1320612020.3299.22.camel@lappy> <4EB7A45D.1030600@redhat.com> <4EB817D2.5010200@codemonkey.ws> <4EB826E1.8010106@redhat.com> <4EB82C5D.9080909@codemonkey.ws>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: Sasha Levin <levinsasha928@gmail.com>,
	Andrea Arcangeli <aarcange@redhat.com>,
	Marcelo Tosatti <mtosatti@redhat.com>,
	Ingo Molnar <mingo@elte.hu>, Pekka Enberg <penberg@kernel.org>,
	Cyrill Gorcunov <gorcunov@gmail.com>,
	Asias He <asias.hejun@gmail.com>,
	Rusty Russell <rusty@rustcorp.com.au>,
	"Michael S. Tsirkin" <mst@redhat.com>, kvm <kvm@vger.kernel.org>
To: Anthony Liguori <anthony@codemonkey.ws>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mx1.redhat.com ([209.132.183.28]:57348 "EHLO mx1.redhat.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1751083Ab1KGTyw (ORCPT <rfc822;kvm@vger.kernel.org>);
	Mon, 7 Nov 2011 14:54:52 -0500
In-Reply-To: <4EB82C5D.9080909@codemonkey.ws>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 11/07/2011 09:07 PM, Anthony Liguori wrote:
>> We lost the context of all threads, but that also happens on live
>> migration.  I'm sure this is workable.
>>
>> Plus we get save/restore testing for free.  Did someone say win/win?
>
>
> Indeed.
>
> But it mandates that everything in the sandbox be serializable so
> given the current state of things, it would mean you couldn't put
> qcow2 in the sandbox, for instance.

Quiesce all requests, reopen the blockdev.

A bit heavyweight, but that's life.

-- 
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.