From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MCu3T-0006U8-1d
	for qemu-devel@nongnu.org; Sat, 06 Jun 2009 07:27:19 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MCu3O-0006Ts-HK
	for qemu-devel@nongnu.org; Sat, 06 Jun 2009 07:27:18 -0400
Received: from [199.232.76.173] (port=45484 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MCu3O-0006Tp-C0
	for qemu-devel@nongnu.org; Sat, 06 Jun 2009 07:27:14 -0400
Received: from mx20.gnu.org ([199.232.41.8]:11819)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <paul@codesourcery.com>)
	id 1MCu3N-0003jL-Tc
	for qemu-devel@nongnu.org; Sat, 06 Jun 2009 07:27:14 -0400
Received: from mail.codesourcery.com ([65.74.133.4])
	by mx20.gnu.org with esmtp (Exim 4.60)
	(envelope-from <paul@codesourcery.com>) id 1MCu3M-0004fl-Np
	for qemu-devel@nongnu.org; Sat, 06 Jun 2009 07:27:13 -0400
From: Paul Brook <paul@codesourcery.com>
Subject: Re: [Qemu-devel] Re: Killing KQEMU
Date: Sat, 6 Jun 2009 12:27:09 +0100
References: <20090602035217.GA16574@foursquare.net>
	<200906022130.42639.paul@codesourcery.com>
	<762CAA99-0A24-4A4A-94F0-7F3B2610AEC9@web.de>
In-Reply-To: <762CAA99-0A24-4A4A-94F0-7F3B2610AEC9@web.de>
MIME-Version: 1.0
Content-Type: Text/Plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200906061227.10119.paul@codesourcery.com>
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Andreas =?iso-8859-1?q?F=E4rber?= <andreas.faerber@web.de>
Cc: Chris Frey <cdfrey@foursquare.net>, qemu-devel@nongnu.org

> > [1] Unsupportable == I'm not letting it anywhere near my production
> > systems.

>And that's exactly my point about KVM: What "production systems" are
>you talking of?!

Any machine that isn't completely disposable. For most users this includes 
their local workstation.

> A very nice use case of QEMU is that it works cross-platform, cross-
> hardware.

This actually argues against using kqemu as it only works in on "native" 
hosts.

>Or the other direction: We got/made disk images for courses at
>university and had to analyze them somewhere. Even with malicious root
>kits and stuff installed, we did not run into apparent issues
>virtualizing them.

You've been lucky then. I bet the only reason you haven't seen any problems is 
because kqemu is too obscure for anyone to bother attacking it.

>With GbE connections you can easily transfer disk images around,
>accompanied by original checksums and a tiny shell script to run them
>- use cases that VMware, VirtualBox and KVM cannot keep up with yet.

Neither can kqemu. Installing an unsupported third party kernel module is 
about the worst thing you can do from a security and stability standpoint. I'd 
expect any respectably sysadmin to laugh and kick you out if you requested 
they do this on any of their shared machines.

Paul