[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qem

From: Avi Kivity
Subject: Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu
Date: Thu, 05 Nov 2009 20:19:12 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20090922 Fedora/3.0-3.9.b4.fc12 Thunderbird/3.0b4

On 11/05/2009 06:50 PM, Anthony Liguori wrote:
I'm worrying that we're transforming one problem into two different ones. Expanding the scope of qemu, and making it more difficult to use advanced networking functionality.

Do you object to the idea of having qemu call to a helper program directly or to the idea of having the helper program in qemu at all?

Both, the former much less that the latter.

I dislike helper programs, I find them inefficient especially at runtime as the penalties of fork() on a memory hog (esp. one that uses mmu notifiers like qemu+kvm) are considerable. They also make things like the oom-killer a necessity. But I really want qemu out of the security and network management business and focusing on qemulation. Security and network management are the job of the management stack, if they don't do the job well, send patches.

Splitting the helper into a separate project may be a more constructive discussion as was suggested by Arnd.

I agree.

As a separate project, libvirt could also make use of it and use -net tap,fd= if it wanted to do crazy things. From a distro perspective, it's just a matter of setting up dependencies to make it Just Work so I don't object to it that much. It's just a bit annoying to create an entire new project for a few hundred line helper.

I'd much rather see libvirt have a small daemon doing this, but that's my standard dislike of helpers.

Do not meddle in the internals of kernels, for they are subtle and quick to 

reply via email to

[Prev in Thread] Current Thread [Next in Thread]