On Thu, Feb 27, 2020 at 05:11:40PM +0000, Stefan Hajnoczi wrote: > On Mon, Feb 24, 2020 at 03:55:40PM -0500, Jagannathan Raman wrote: > > From: John G Johnson <[email protected]> > > > > Signed-off-by: John G Johnson <[email protected]> > > Signed-off-by: Elena Ufimtseva <[email protected]> > > Signed-off-by: Jagannathan Raman <[email protected]> > > --- > > docs/devel/index.rst | 1 + > > docs/devel/qemu-multiprocess.rst | 1102 > > ++++++++++++++++++++++++++++++++++++++ > > 2 files changed, 1103 insertions(+) > > create mode 100644 docs/devel/qemu-multiprocess.rst > > > > diff --git a/docs/devel/index.rst b/docs/devel/index.rst > > index 4dc2ca8..1a95871 100644 > > --- a/docs/devel/index.rst > > +++ b/docs/devel/index.rst > > @@ -25,3 +25,4 @@ Contents: > > tcg-plugins > > bitops > > reset > > + multi-process > > diff --git a/docs/devel/qemu-multiprocess.rst > > b/docs/devel/qemu-multiprocess.rst > > new file mode 100644 > > index 0000000..477e246 > > --- /dev/null > > +++ b/docs/devel/qemu-multiprocess.rst > > @@ -0,0 +1,1102 @@ > > +Disaggregating QEMU > > Please revise this document and the patch series to use consistent > terminology. At least "qemu-multiprocess.rst", "--enable-mpqemu", and > "disaggregated QEMU" are used to describe this feature (there are > probably more, I have only looked at 2 patches so far). > > It's confusing for someone who stumbles across one of these terms and > then has to figure out that we're talking about the same thing when > encountering other terms later on. > > Please use a single name and use it consistently. >
Thanks Stefan, will work on this. > > +=================== > > + > > +QEMU is often used as the hypervisor for virtual machines running in the > > +Oracle cloud. Since one of the advantages of cloud computing is the > > +ability to run many VMs from different tenants in the same cloud > > +infrastructure, a guest that compromised its hypervisor could > > +potentially use the hypervisor's access privileges to access data it is > > +not authorized for. > > + > > +QEMU can be susceptible to security attack because it is a large, > > s/attack/attacks/ > > > +monolithic program that provides many features to the VMs it services. > > +Many of these feature can be configured out of QEMU, but even a reduced > > s/feature/features/
