[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] snabbswitch integration with QEMU for userspace etherne

From: Michael S. Tsirkin
Subject: Re: [Qemu-devel] snabbswitch integration with QEMU for userspace ethernet I/O
Date: Thu, 30 May 2013 09:55:05 +0300

On Thu, May 30, 2013 at 08:46:42AM +0200, Stefan Hajnoczi wrote:
> On Wed, May 29, 2013 at 6:02 PM, Julian Stecklina
> <address@hidden> wrote:
> > On 05/29/2013 04:21 PM, Stefan Hajnoczi wrote:
> >> The fact that a single switch process has shared memory access to all
> >> guests' RAM is critical.  If the switch process is exploited, then that
> >> exposes other guests' data!  (Think of a multi-tenant host with guests
> >> belonging to different users.)
> >
> > True. But people don't mind having instruction decoding and half of
> > virtio in the kernel these days, so it can't be that security critical...
> No, it's still security critical.  If there were equivalent solutions
> with better security then I'm sure people would accept them.  It's
> just that there isn't an equivalent solution yet :).
> Stefan

Some people would accept them.
Others run with selinux off ...


reply via email to

[Prev in Thread] Current Thread [Next in Thread]