[Spice-devel] [Qemu-devel] QEMU: Discussion of separating core functionality vs supportive features
Jes Sorensen
Jes.Sorensen at redhat.com
Wed Mar 2 03:02:43 PST 2011
On 03/02/11 11:56, Dor Laor wrote:
> On 03/02/2011 12:25 PM, Jes Sorensen wrote:
>> On 03/01/11 15:25, Dor Laor wrote:
>> Using shared memory this way should allow us to implement the video
>> clients without performance loss, in fact it should be beneficial since
>> it would allow them to run fully separate from the host daemon.
>
> Why do you call it a daemon? Each VM instance should have only one, the
> 'host daemon' naming is misleading.
I refer to it as a daemon because it is something the client(s) will
connect to. But yes, there will be a daemon per VM.
> The proper solution long term is to sandbox qemu in a way that there
> privileged mode and non privileged mode. It might be implemented using
> separate address space or not. Most operations like vnc/rpc/spice/usb
> should be run with less privileges.
>
> The main issue is that doing it right will take time and we'll want
> virt-agent be merged before the long term solution is ready. The best
> approach would be gradual development
Yes I agree, I don't think this will happen overnight, and blocking
virtagent with this would be bad.
Cheers,
Jes
More information about the Spice-devel
mailing list