Re: [PATCH] Enhance perf to collect KVM guest os statistics fromhost side

From: Ingo Molnar
Date: Mon Mar 22 2010 - 06:38:15 EST

Next message: Nick Piggin: "Re: [rfc][patch] mm, fs: warn on missing address space operations"
Previous message: Oleg Nesterov: "Re: [RFC] [PATCH 1/2] cgroups: read-write lock CLONE_THREADforking per threadgroup"
In reply to: oerg Roedel: "Re: [PATCH] Enhance perf to collect KVM guest os statistics fromhost side"
Next in thread: Ingo Molnar: "Re: [PATCH] Enhance perf to collect KVM guest os statistics fromhost side"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* oerg Roedel <joro@xxxxxxxxxx> wrote:

> > It can decide whether it exposes the files. Nor are there any "security
> > issues" to begin with.
>
> I am not talking about security. [...]

You were talking about security, in the portion of your mail that you snipped
out, and which i replied to:

> > 2. The guest can decide for its own if it want to pass this
> > inforamtion to the host-perf. No security issues at all.

I understood that portion to mean what it says: that your claim that your
proposal 'has no security issues at all', in contrast to my suggestion.

> [...] Security was sufficiently flamed about already.

All i saw was my suggestion to allow a guest to securely (and scalably and
conveniently) integrate/mount its filesystems to the host if both sides (both
the host and the guest) permit it, to make it easier for instrumentation to
pick up symbol details.

I.e. if a guest runs then its filesystem may be present on the host side as:

/guests/Fedora-G1/
/guests/Fedora-G1/proc/
/guests/Fedora-G1/usr/
/guests/Fedora-G1/.../

( This feature would be configurable and would be default-off, to maintain the
current status quo. )

i.e. it's a bit like sshfs or NFS or loopback block mounts, just in an
integrated and working fashion (sshfs doesnt work well with /proc for example)
and more guest transparent (obviously sshfs or NFS exports need per guest
configuration), and lower overhead than sshfs/NFS - i.e. without the
(unnecessary) networking overhead.

That suggestion was 'countered' by an unsubstantiated claim by Anthony that
this kind of usability feature would somehow be a 'security nighmare'.

In reality it is just an incremental, more usable, faster and more
guest-transparent form of what is already possible today via:

- loopback mounts on host
- NFS exports
- SMB exports
- sshfs
- (and other mechanisms)

I wish there was at least flaming about it - as flames tend to have at least
some specifics in them.

What i saw instead was a claim about a 'security nightmare', which was, when i
asked for specifics, was followed by deafening silence. And you appear to have
repeated that claim here, unwilling to back it up with specifics.

Thanks,

Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Nick Piggin: "Re: [rfc][patch] mm, fs: warn on missing address space operations"
Previous message: Oleg Nesterov: "Re: [RFC] [PATCH 1/2] cgroups: read-write lock CLONE_THREADforking per threadgroup"
In reply to: oerg Roedel: "Re: [PATCH] Enhance perf to collect KVM guest os statistics fromhost side"
Next in thread: Ingo Molnar: "Re: [PATCH] Enhance perf to collect KVM guest os statistics fromhost side"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]