From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1NJApQ-0006XV-HR
	for qemu-devel@nongnu.org; Fri, 11 Dec 2009 14:07:00 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1NJApL-0006Ra-Ig
	for qemu-devel@nongnu.org; Fri, 11 Dec 2009 14:07:00 -0500
Received: from [199.232.76.173] (port=60680 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1NJApL-0006RK-D0
	for qemu-devel@nongnu.org; Fri, 11 Dec 2009 14:06:55 -0500
Received: from mail-yx0-f188.google.com ([209.85.210.188]:46273)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anthony@codemonkey.ws>) id 1NJApL-0001Vn-0s
	for qemu-devel@nongnu.org; Fri, 11 Dec 2009 14:06:55 -0500
Received: by yxe26 with SMTP id 26so1142367yxe.4
	for <qemu-devel@nongnu.org>; Fri, 11 Dec 2009 11:06:54 -0800 (PST)
Message-ID: <4B229847.3060400@codemonkey.ws>
Date: Fri, 11 Dec 2009 13:06:47 -0600
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] Spice project is now open
References: <1393046876.1549021260539141025.JavaMail.root@zmail05.collab.prod.int.phx2.redhat.com>	<4B226BFC.1040606@codemonkey.ws>	<20091211204828.464707cf@redhat.com>
	<20091211210032.425fb640@redhat.com>
In-Reply-To: <20091211210032.425fb640@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Izik Eidus <ieidus@redhat.com>
Cc: Yaniv Kamay <ykamay@redhat.com>, qemu-devel@nongnu.org

Izik Eidus wrote:
> I want to add that qemu is not the sole user of spice, Spice will be
> used as a protocol to connect into physical windows/linux machines....
>
> So how can we change the library just for qemu?
>   
A library is not necessarily a problem.

What would be a probably is if the library maintains guest visible 
state.  There are a lot of advantages to keeping qemu as the sole 
maintainer of guest visible state as it simplifies things like live 
migration.  More importantly, it allows us to do things like Avi's 
suggested security sandboxing using seccomp().  For that to work, we 
need to make sure that we can isolate any code that interacts directly 
with the guest.

Regards,

Anthony Liguori