Hi Anthony,
On Sun, 6 Nov 2011, Anthony Liguori wrote:
- Drop SDL/VNC. Make a proper Cairo GUI with a full blown GTK interface.
Don't rely on virt-manager for this. Not that I have anything against
virt-manager but there are many layers between you and the end GUI if you go
that route.
Funny that you should mention this. It was actually what I started out
with. I went for SDL because it was a low-hanging fruit after the VNC
patches which I didn't do myself.
However, it was never figured out if there was going to be a virtio
transport for GPU commands:
http://lwn.net/Articles/408831/
On Sun, 6 Nov 2011, Anthony Liguori wrote:
- Sandbox the device model from day #1. The size of the Linux kernel
interface is pretty huge and as a hypervisor, it's the biggest place for
improvement from a security perspective. We're going to do sandboxing in
QEMU, but it's going to be difficult. It would be much easier for you given
where you're at.
Completely agreed. I think Sasha is actually starting to work on this. See
the "Secure KVM" thread on kvm@.
Pekka
