On 09/11/2012 01:07 PM, Laine Stump wrote:
>
> * On the guest, these two network devices with matching MAC addresses
> are put together into a bond interface, with an extra driver that causes
> the bond to prefer the pci-passthrough device when it is present. So,
> under normal circumstances *all* traffic goes through the
> pci-passthrough device.
>
> * At migration time, since guests with attached pci-passthrough devices
> can't be migrated, the pci-passthrough device (which is found by
> searching the hostdev array for items with the "ephemeral" flag set) is
> detached. This reduces the bond interface on the guest to only having
> the virtio-net device, so traffic now passes through that device - it's
> slower, but connectivity is maintained.

And if this is the case, it means that 1) the guest must be aware that it is virtualized, and 2) can detect when it is being migrated. The ideal virtualization is one where the guest doesn't have to be aware of anything, but the goal of this patch is not ideal guest behavior, so much as faster performance by explicitly making virtualization a leaky interface where the guest has to cooperate.

Assuming I'm correct, does that have any security implications on the host? Or are we okay even if the guest is malicious, because the worst the guest can do is use the slower interface rather than the faster pci-passthrough device?

> I have other questions beyond that, but either don't understand the code
> enough yet to verbalize them, or will ask them next to the associated code.

Seconded :)

-- 
Eric Blake eblake@xxxxxxxxxx +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list