xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: "Daniel P. Berrange" <berrange@redhat.com>
To: Wei Liu <wei.liu2@citrix.com>
Cc: libvir-list@redhat.com,
	George Dunlap <george.dunlap@eu.citrix.com>,
	Ian Jackson <Ian.Jackson@eu.citrix.com>,
	Doug Goldstein <cardoe@cardoe.com>,
	Xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: [libvirt] Questions about virtlogd
Date: Tue, 7 Jun 2016 14:21:17 +0100	[thread overview]
Message-ID: <20160607132116.GD20196@redhat.com> (raw)
In-Reply-To: <20160607121153.GL25922@citrix.com>

On Tue, Jun 07, 2016 at 01:11:53PM +0100, Wei Liu wrote:
> Hello libvirt maintainers,
> 
> Libvirt implements virtlogd in version 1.3 which now handles logging
> for QEMU process. I am wondering if it is possible to make it a
> separate package and maintain stable interfaces for external users?

Ok, so you're essentially asking for us to create a libvirt-logd.so
library for talking to virtlogd, which would basically contain the
code currently in src/logging/log_manager.c

That's certainly possible from a technical POV, but the real question
is whether we want to do that from a policy POV, given the greater
support implications that has.

> This is related to XSA-180 / CVE-2014-3672 (unrestricted QEMU
> logging). We are evaluating using virtlogd vs writing our own
> solution. I believe there are still some open questions on how exactly
> the integration could be done but let's worry about that later.

I must admit I'm not familiar with the division of responsibility
for managing QEMU between the Xen provided libxl library(s) and
the libvirt libxl driver code. Naively I would expect the libvirt
libxl driver code to deal with virtlogd and then configure the
Xen libxl library / QEMU accordingly. Your request seems to imply
that you will need the Xen libxl library to directly talk to
virtlogd instead.

Is there any way in which it would be practical for the libvirt
libxl driver to talk to virtlogd to acquire the file descriptors
to use and pass those file descriptors down to the libxl library ?

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

       reply	other threads:[~2016-06-07 13:21 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20160607121153.GL25922@citrix.com>
2016-06-07 13:21 ` Daniel P. Berrange [this message]
2016-06-07 15:57   ` [libvirt] Questions about virtlogd Wei Liu
2016-06-08  9:50     ` George Dunlap
     [not found]     ` <5757EA60.4030004@citrix.com>
2016-06-08 10:07       ` Daniel P. Berrange
     [not found]       ` <20160608100716.GD7760@redhat.com>
2016-06-08 10:57         ` George Dunlap
2016-06-08 11:53           ` Doug Goldstein
2016-06-08 12:46             ` Wei Liu
2016-06-08 13:05               ` George Dunlap
2016-06-08 13:09                 ` Wei Liu
2016-06-08 12:11           ` Daniel P. Berrange
2016-06-08 12:57             ` George Dunlap
2016-06-08 12:25         ` Wei Liu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160607132116.GD20196@redhat.com \
    --to=berrange@redhat.com \
    --cc=Ian.Jackson@eu.citrix.com \
    --cc=cardoe@cardoe.com \
    --cc=george.dunlap@eu.citrix.com \
    --cc=libvir-list@redhat.com \
    --cc=wei.liu2@citrix.com \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).