
RE: [Xen-devel] Should Qemu monitor be enabled by default



Hi Daniel,

>The '-monitor vc' is already the default for QEMU, so both branches of
>that if end up reducing to the same functional state - the monitor being
>enabled. You need to explicitly disable the monitor if the config file
>has monitor=0

Aha. Thanks for checking the patch. It is a typo. In the attached patch, I 
have changed the monitor default value to 0. 

>
>I'm not sure this patch is a good idea long term though. If, as Anthony
>suggests in previous thread, XenD takes control of the monitor and provides
>an explicit 'xm monitor' command, then it'll be impossible to also make
>the monitor also appear on a VC.

Yes. It is not a long-term solution, as in the previous discussion. But 3.0.5 is 
near, so we had better use the interim method. 

>
>This also doesn't address the issue that making the monitor appear on a
>VC is fundamentally a security risk and so can never be enabled in any
>production environment where you care about integrity of the Dom0 host.
>I don't see the point in introducing a config file setting which will
>have to go away once a sustainable 'xm monitor' patch is implemented.
>
>For the timescales involved in 3.0.5 I think we should instead make sure
>that 'xm block-configure' works correctly.

Yes. I agree it has a potential security issue. But from the original email 
raising the concern, I only knew that the cdrom option could possibly let a 
normal user write files with root privilege. But actually, if we could assign 
'readonly' permission for the cdrom option, nobody could write the system files. 
But there would still be a read permission security issue. 

Well, users have been familiar with the Qemu Monitor for a long time. And 
although we can use the xm command to change the CD-ROM file, we can hardly 
switch the HVM console to ttyN or call HVM by "ctrl-alt-N" (the monitor can send 
short keys to HVM). So if we simply remove the Monitor function, it would also 
lose an important function of HVM. IMHO, virtualization production would drop 
it. :) So we created this patch as a compromise workaround, letting the user 
choose. 

Best Regards,
Yongkang (Kangkang) 永康


Attachment: qemu_monitor.patch
Description: qemu_monitor.patch
