From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=48077 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Ppjrj-0006yF-Q2 for qemu-devel@nongnu.org; Wed, 16 Feb 2011 11:04:32 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ppjri-0001tR-K4 for qemu-devel@nongnu.org; Wed, 16 Feb 2011 11:04:31 -0500 Received: from mx1.redhat.com ([209.132.183.28]:5254) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ppjri-0001tK-DM for qemu-devel@nongnu.org; Wed, 16 Feb 2011 11:04:30 -0500 Message-ID: <4D5BF581.3050803@redhat.com> Date: Wed, 16 Feb 2011 17:04:17 +0100 From: Jes Sorensen MIME-Version: 1.0 Subject: Re: [Qemu-devel] [RFC][PATCH v6 00/23] virtagent: host/guest RPC communication agent References: <1295270117-24760-1-git-send-email-mdroth@linux.vnet.ibm.com> In-Reply-To: <1295270117-24760-1-git-send-email-mdroth@linux.vnet.ibm.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Michael Roth Cc: agl@linux.vnet.ibm.com, stefanha@linux.vnet.ibm.com, markus_mueller@de.ibm.com, marcel.mittelstaedt@de.ibm.com, qemu-devel@nongnu.org, aliguori@linux.vnet.ibm.com, ryanh@us.ibm.com, abeekhof@redhat.com On 01/17/11 14:14, Michael Roth wrote: > These patches apply to master (1-14-2011), and can also be obtained from: > git://repo.or.cz/qemu/mdroth.git virtagent_v6 > > CHANGES IN V6: > > - Added a sentinel value to reliably detect the start of an "http" hdr. Used to skip past partially sent http content from previous "sessions" > - Added http hdr tag (currently hardcoded for testing, will switch to uuid) to filter out valid-but-unexpected content in channel from previous "sessions" > - Added timeout mechanism to avoid hanging monitor when agent isn't running > - Added timed back-off on read's from a virtio-serial that result in ret=0 to avoid spinning if host isn't connected. > - Added daemonize flags to qemu-va > - Added sane defaults for channel type and virtio-serial port path > - Various bug fixes for state machine/job handling logic > Hi Michael, I was running some testing here of virtagent and demoing it to some of my colleagues and ran into a problem that raised an interesting question. My test system was an older Fedora 11 system, which meant I had to rebuild qemu, while I kept my test image and the qemu-va binary that I had built on a Fedora 14 system. What happened was that either due to the differences in platform, or maybe due to lag in updating the windows over vnc, agent commands would end up crashing qemu on the host. I am not sure whether this was due to timeouts or incompatibility of the libraries, however the question raised is whether it is good security wise to pull XMLRPC processing into QEMU this way? Instead maybe it would be better to move it out into it's own process that uses virtio-serial through QEMU for it's communication? In addition I think we need to consider a mechanism to make sure that the host and guest side are really compatible. Just a few things to consider. Cheers, Jes