[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] [PATCH v2 0/*] xen: xen-domid-restrict improvements
(Resending this because 1. I got the CC for xen-devel wrong; 2. I got the subject wrong: there are actually 8 patches; 3. I mangled Anthony's name in theheaders. Sorry for the noise.) I have been working on trying to get qemu, when running as a Xen device model, to _actually_ not have power equivalent to root. I think I have achieved this, with some limitations (which will be discussed in my series against xen.git. However, there are changes to qemu needed. In particular * The -xen-domid-restrict option does not work properly right now. It only restricts a small subset of the descriptors qemu has open. I am introducing a new library call in the Xen libraries for this, xentoolcore_restrict_all. * We need to call a different function on domain shutdown. * The restriction operation needs to be done at a slightly different time, necessitating a new hook. * Additionally, in the future, we intend to be able to set aside a uid range for these qemus to run in, and that involves being able to tell qemu to drop privilege by numeric uid and gid. Thanks very much to Anthony Perard for his review of the first, RFC, version, and for helping out with configure. At least the first patch of this, "xen: link against xentoolcore", will very likely be necessary, since the corresponding xen.git series is likely to make Xen 4.10. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |