qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Re: [PATCH qemu-kvm] Add raw(af_packet) network backend


From: Anthony Liguori
Subject: Re: [Qemu-devel] Re: [PATCH qemu-kvm] Add raw(af_packet) network backend to qemu
Date: Tue, 26 Jan 2010 18:06:17 -0600
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.5) Gecko/20091209 Fedora/3.0-4.fc12 Lightning/1.0pre Thunderbird/3.0

On 01/26/2010 05:15 PM, Sridhar Samudrala wrote:
On Tue, 2010-01-26 at 14:47 -0600, Anthony Liguori wrote:
On 01/26/2010 02:40 PM, Sridhar Samudrala wrote:
This patch adds raw socket backend to qemu and is based on Or Gerlitz's
patch re-factored and ported to the latest qemu-kvm git tree.
It also includes support for vnet_hdr option that enables gso/checksum
offload with raw backend. You can find the linux kernel patch to support
this feature here.
     http://thread.gmane.org/gmane.linux.network/150308

Signed-off-by: Sridhar Samudrala<address@hidden>

See the previous discussion about the raw backend from Or's original
patch.  There's no obvious reason why we should have this in addition to
a tun/tap backend.

The only use-case I know of is macvlan but macvtap addresses this
functionality while not introduce the rather nasty security problems
associated with a raw backend.
The raw backend can be attached to a physical device

This is equivalent to bridging with tun/tap except that it has the unexpected behaviour of unreliable host/guest networking (which is not universally consistent across platforms either). This is not a mode we want to encourage users to use.

, macvlan

macvtap is a superior way to achieve this use case because a macvtap fd can safely be given to a lesser privilege process without allowing escalation of privileges.

  or SR-IOV VF.

This depends on vhost-net. In general, what I would like to see for this is something more user friendly that dealt specifically with this use-case. Although honestly, given the recent security concerns around raw sockets, I'm very concerned about supporting raw sockets in qemu at all.

Essentially, you get worse security doing vhost-net + raw + VF then with PCI passthrough + VF because at least in the later case you can run qemu without privileges. CAP_NET_RAW is a very big privilege.

Regards,

Anthony Liguori




reply via email to

[Prev in Thread] Current Thread [Next in Thread]