On Mon, Nov 07, 2011 at 02:29:45PM +0200, Pekka Enberg wrote:
> So what do you think about perf then? The amount of code that talks to
> the kernel is much smaller than that of the KVM tool.

I think it's a mess, because it's never clear whether perf needs to be upgraded when I upgrade the kernel, or vice versa. This is why I keep harping on the interface issues. Fortunately it seems less likely (since perf doesn't run with privileges) that security fixes will need to be released for perf, but if it did, given the typical regression testing requirements that many distributions have, and given that most distro packaging tools assume that all binaries from a single source package come from a single version of that source package, I predict you will hear screams from the distro release engineers.

And by the way, there are use cases, where the guest OS kernel and root on the guest OS are not available to the untrusted users, where the userspace KVM program would be part of the security perimeter, and where security releases to the KVM part of the tool might very well be necessary, and it would be unfortunate if that forced the release of new kernel packages each time security fixes are needed to the kvm-tool userspace.

Might kvm-tool be more secure than qemu? Quite possibly, given that it's going to do less than qemu. But please note that I've not been arguing that kvm-tool shouldn't be done; just that it not be included in the kernel sources.

Just as sparse is not bundled into the kernel sources, for crying out loud!

- Ted