virtio-dev message

Subject: Re: [RFC] Upstreaming virtio-wayland (or an alternative)

From: Boris Brezillon <boris.brezillon@collabora.com>
To: Zach Reizner <zachr@google.com>
Date: Mon, 24 Feb 2020 11:33:48 +0100

On Mon, 17 Feb 2020 19:21:50 +0100
Boris Brezillon <boris.brezillon@collabora.com> wrote:

> > > Thats why I don't like the new virtio device idea much and would prefer
> > > vhost being reused, either directly (#1) or via proxy (#2).  
> > 
> > For crosvm's purposes, we are looking at ways to reduce vhost usage in
> > order to reduce host kernel exposure to untrusted guest input,
> > including from the guest kernel. That is why a non-vhost based
> > solution would be prefered.  
> 
> Okay, I didn't know you were avoiding vhost-based solutions to
> reduce the attack surface.

Looks like they implemented vhost-less vsock in Firecracker[1]. Not
sure how much work that would be to port this implementation to crosvm,
but maybe that's an option.

[1]https://github.com/firecracker-microvm/firecracker/pull/1176

Follow-Ups:
- Re: [RFC] Upstreaming virtio-wayland (or an alternative)
  - From: Gerd Hoffmann <kraxel@redhat.com>

References:
- [RFC] Upstreaming virtio-wayland (or an alternative)
  - From: Boris Brezillon <boris.brezillon@collabora.com>
- Re: [RFC] Upstreaming virtio-wayland (or an alternative)
  - From: Boris Brezillon <boris.brezillon@collabora.com>
- Re: [RFC] Upstreaming virtio-wayland (or an alternative)
  - From: Boris Brezillon <boris.brezillon@collabora.com>