From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LKcc5-0005bU-Be for qemu-devel@nongnu.org; Wed, 07 Jan 2009 12:54:41 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LKcc3-0005af-Pm for qemu-devel@nongnu.org; Wed, 07 Jan 2009 12:54:40 -0500 Received: from [199.232.76.173] (port=50194 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LKcc3-0005aZ-IL for qemu-devel@nongnu.org; Wed, 07 Jan 2009 12:54:39 -0500 Received: from nf-out-0910.google.com ([64.233.182.187]:50018) by monty-python.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1LKcc2-0006My-V9 for qemu-devel@nongnu.org; Wed, 07 Jan 2009 12:54:39 -0500 Received: by nf-out-0910.google.com with SMTP id b2so1136770nfb.12 for ; Wed, 07 Jan 2009 09:54:36 -0800 (PST) Message-ID: <4964EC55.4000507@codemonkey.ws> Date: Wed, 07 Jan 2009 11:54:29 -0600 From: Anthony Liguori MIME-Version: 1.0 Subject: Re: [Qemu-devel] [PATCH] mark nic as trusted References: <20090107142626.GE3267@redhat.com> <4964D98B.6030404@codemonkey.ws> <20090107165050.GI3267@redhat.com> <4964EC2B.1080406@codemonkey.ws> In-Reply-To: <4964EC2B.1080406@codemonkey.ws> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Reply-To: qemu-devel@nongnu.org List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Anthony Liguori wrote: >> That is for secure guest<->host communication over network. Guest has to >> know somehow which link host uses for communication. If guest has no way >> to know this, another computer on untrusted network can pretend it is >> real >> host and "own" a guest. > > So this is for vmchannel? How do you differentiate a real device with > that bit set compared to the vmchannel device? Like if you were doing PCI passthrough of an e1000... Regards, Anthony Liguori > Regards, > > Anthony Liguori > >> -- >> Gleb. >> >> >> >