From: Michael Roth <mdroth@linux.vnet.ibm.com>
To: Jes Sorensen <Jes.Sorensen@redhat.com>
Cc: agl@linux.vnet.ibm.com, stefanha@linux.vnet.ibm.com,
markus_mueller@de.ibm.com, marcel.mittelstaedt@de.ibm.com,
qemu-devel@nongnu.org, Luiz Capitulino <lcapitulino@redhat.com>,
aliguori@linux.vnet.ibm.com, ryanh@us.ibm.com,
abeekhof@redhat.com
Subject: Re: [Qemu-devel] [RFC][PATCH v6 00/23] virtagent: host/guest RPC communication agent
Date: Thu, 17 Feb 2011 08:39:45 -0600 [thread overview]
Message-ID: <4D5D3331.1000707@linux.vnet.ibm.com> (raw)
In-Reply-To: <4D5CDBD0.2060900@redhat.com>
On 02/17/2011 02:26 AM, Jes Sorensen wrote:
> On 02/16/11 18:22, Michael Roth wrote:
>> We've seen similar behavior. I think it comes down to qemu-va being
>> linked against shared objects in the host that don't necessarily
>> coincide with what's in the guest. It's somewhat misleading that we
>> currently build qemu-va along with the binary, since qemu-va is not
>> meant to be used on the host, and the version built on the host is not
>> meant to be used in the guest.
>>
>> Really the guest binary, qemu-va, should be built in a proper build
>> environment for that particular guest. Long term it may make sense to
>> have a "guest-utils" target that isn't part of the normal host-build
>> process to reflect binaries with these kinds of requirements. For now I
>> think we'll may just end up removing qemu-va from the default make
>> target, and only build it explicitly with "make qemu-va".
>
> Hi Michael,
>
> I am not sure I was totally clear in my mail, but the crashes I saw were
> QEMU on the host that went down. Not qemu-va running in the guest. My
Sorry, selective reading on my part. Had recently been tracking down
issues on the guest side.
> worry is that we are adding a lot of complexity into QEMU on the host
> side which is going to be difficult to audit, especially with things
> like the HTML and XML processing. If we separated host side processing
> into a separate command, we could better protect ourselves against a
> situation where a rogue guest could kill QEMU and possibly exploit it on
> the host side. I think we should seriously look at moving the agent
> processing code out of main QEMU and into a standalone command, maybe
> qemu-va-host or something like that.
I don't think the problem is really so fundamental...if you saw a
host-side crash it's most likely a bug/sloppy error-handling in
virtagent. Malformed xml (from version mismatches, transports errors,
etc) shouldn't crash xmlrpc-c... it's using a libxml parser that just
returns an error on unexpected xml...we just need to make sure we handle
errors appropriately.
Can you provide some details on what you ran and what the error message was?
>
> There has been talk about doing the same thing with the monitor in the
> past, and have it talk to the main QEMU process over QMP. This pretty
> much goes along the same lines, except that I think we need the XML
> handling moved out with it, so we couldn't just layer it directly on top
> of QMP.
I've reworked the code quite a bit so that we could potentially swap out
the xmlrpc-c layer transparently, while retaining the same HMP/QMP
commands/formats. A very realistic thing we can consider in the future
is using QMP for data encapsulation in place of xmlrpc, so I'd prefer
not to drastically change the design to work around dependencies for the
current data encapsulation scheme. Especially considering that
terminating the protocol within QEMU, at the HMP/QMP layer, is one of
the key benefits that differentiates virtagent from other guest agent
proposals.
But I think this is all a bit of a tangent if what we have here is just
a virtagent bug.
>
>> P.S. Hoping to have the execute-RPCs-in-seperate-threads work done soon
>> so we can get back to integrating your patches.
>
> Sounds good!
>
> Cheers,
> Jes
next prev parent reply other threads:[~2011-02-17 14:39 UTC|newest]
Thread overview: 70+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-17 13:14 [Qemu-devel] [RFC][PATCH v6 00/23] virtagent: host/guest RPC communication agent Michael Roth
2011-01-17 13:14 ` [Qemu-devel] [RFC][PATCH v6 01/23] Move code related to fd handlers into utility functions Michael Roth
2011-01-17 13:56 ` Gerd Hoffmann
2011-01-17 13:14 ` [Qemu-devel] [RFC][PATCH v6 02/23] Add qemu_set_fd_handler() wrappers to qemu-tools.c Michael Roth
2011-01-17 13:14 ` [Qemu-devel] [RFC][PATCH v6 03/23] Make qemu timers available for tools Michael Roth
2011-01-21 16:30 ` [Qemu-devel] " Jes Sorensen
2011-01-21 17:26 ` Michael Roth
2011-01-24 7:56 ` Jes Sorensen
2011-01-17 13:14 ` [Qemu-devel] [RFC][PATCH v6 04/23] virtagent: common code for managing client/server rpc jobs Michael Roth
2011-01-17 13:14 ` [Qemu-devel] [RFC][PATCH v6 05/23] virtagent: transport definitions read/send callback functions Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 06/23] virtagent: base client definitions Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 07/23] virtagent: base server definitions Michael Roth
2011-01-21 16:38 ` [Qemu-devel] " Jes Sorensen
2011-01-21 17:55 ` Michael Roth
2011-01-24 10:16 ` Jes Sorensen
2011-01-24 16:51 ` Michael Roth
2011-01-24 17:04 ` Jes Sorensen
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 08/23] virtagent: add va.getfile RPC Michael Roth
2011-01-21 16:40 ` [Qemu-devel] " Jes Sorensen
2011-01-21 17:20 ` Daniel P. Berrange
2011-01-21 18:23 ` Michael Roth
2011-01-24 22:08 ` Richard W.M. Jones
2011-01-24 22:20 ` Richard W.M. Jones
2011-01-24 22:26 ` Anthony Liguori
2011-01-24 22:48 ` Richard W.M. Jones
2011-01-24 23:40 ` Anthony Liguori
2011-01-25 0:22 ` Michael Roth
2011-01-25 0:25 ` Anthony Liguori
2011-01-25 9:21 ` Richard W.M. Jones
2011-01-25 15:12 ` Anthony Liguori
2011-01-25 15:43 ` Richard W.M. Jones
2011-01-26 13:01 ` Richard W.M. Jones
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 09/23] virtagent: add agent_viewfile qmp/hmp command Michael Roth
2011-01-21 16:41 ` [Qemu-devel] " Jes Sorensen
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 10/23] virtagent: add va.getdmesg RPC Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 11/23] virtagent: add agent_viewdmesg qmp/hmp commands Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 12/23] virtagent: add va.shutdown RPC Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 13/23] virtagent: add agent_shutdown qmp/hmp commands Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 14/23] virtagent: add va.ping RPC Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 15/23] virtagent: add agent_ping qmp/hmp commands Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 16/23] virtagent: add agent_capabilities " Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 17/23] virtagent: add client capabilities init function Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 18/23] virtagent: add va.hello RPC Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 19/23] virtagent: add "hello" notification function for guest agent Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 20/23] virtagent: add va.capabilities RPC Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 21/23] virtagent: add virtagent guest daemon Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 22/23] virtagent: integrate virtagent server/client via chardev Michael Roth
2011-01-17 13:15 ` [Qemu-devel] [RFC][PATCH v6 23/23] virtagent: various bits to build QEMU with virtagent Michael Roth
2011-01-24 10:24 ` [Qemu-devel] " Jes Sorensen
2011-01-17 13:53 ` [Qemu-devel] [RFC][PATCH v6 00/23] virtagent: host/guest RPC communication agent Gerd Hoffmann
2011-01-17 14:53 ` Michael Roth
2011-01-18 14:02 ` Gerd Hoffmann
2011-01-18 14:13 ` Anthony Liguori
2011-01-31 14:41 ` Michael Roth
2011-02-01 22:18 ` Michael Roth
2011-02-14 9:49 ` Gerd Hoffmann
2011-02-16 16:04 ` Jes Sorensen
2011-02-16 17:22 ` Michael Roth
2011-02-17 8:26 ` Jes Sorensen
2011-02-17 9:08 ` Dor Laor
2011-02-17 14:39 ` Michael Roth [this message]
2011-02-18 12:45 ` Jes Sorensen
2011-02-18 14:07 ` Anthony Liguori
2011-02-18 14:30 ` Jes Sorensen
2011-02-18 14:57 ` Anthony Liguori
2011-02-21 8:32 ` Jes Sorensen
2011-02-21 13:36 ` Michael Roth
2011-02-21 13:38 ` Jes Sorensen
2011-02-18 15:22 ` Gerd Hoffmann
2011-02-18 15:25 ` Anthony Liguori
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D5D3331.1000707@linux.vnet.ibm.com \
--to=mdroth@linux.vnet.ibm.com \
--cc=Jes.Sorensen@redhat.com \
--cc=abeekhof@redhat.com \
--cc=agl@linux.vnet.ibm.com \
--cc=aliguori@linux.vnet.ibm.com \
--cc=lcapitulino@redhat.com \
--cc=marcel.mittelstaedt@de.ibm.com \
--cc=markus_mueller@de.ibm.com \
--cc=qemu-devel@nongnu.org \
--cc=ryanh@us.ibm.com \
--cc=stefanha@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).