[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 2/8] xen: restrict: use xentoolcore_restrict_all
From: |
Anthony PERARD |
Subject: |
Re: [Qemu-devel] [PATCH 2/8] xen: restrict: use xentoolcore_restrict_all |
Date: |
Tue, 10 Oct 2017 12:26:56 +0100 |
User-agent: |
Mutt/1.9.1 (2017-09-22) |
On Mon, Oct 09, 2017 at 05:01:36PM +0100, Ian Jackson wrote:
> And insist that it works.
>
> Drop individual use of xendevicemodel_restrict and
> xenforeignmemory_restrict. These are not actually effective in this
> version of qemu, because qemu has a large number of fds open onto
> various Xen control devices.
>
> The restriction arrangements are still not right, because the
> restriction needs to be done very late - after qemu has opened all of
> its control fds.
>
> xentoolcore_restrict_all and xentoolcore.h are available in Xen 4.10
> and later, only. Provide a compatibility stub. And drop the
> compatibility stubs for the old functions.
>
> Signed-off-by: Ian Jackson <address@hidden>
Reviewed-by: Anthony PERARD <address@hidden>
--
Anthony PERARD
- [Qemu-devel] [PATCH v4 0/8] xen: xen-domid-restrict improvements, Ian Jackson, 2017/10/09
- [Qemu-devel] [PATCH 4/8] xen: destroy_hvm_domain: Move reason into a variable, Ian Jackson, 2017/10/09
- [Qemu-devel] [PATCH 8/8] configure: do_compiler: Dump some extra info under bash, Ian Jackson, 2017/10/09
- [Qemu-devel] [PATCH 3/8] xen: defer call to xen_restrict until just before os_setup_post, Ian Jackson, 2017/10/09
- [Qemu-devel] [PATCH 1/8] xen: link against xentoolcore, Ian Jackson, 2017/10/09
- [Qemu-devel] [PATCH 2/8] xen: restrict: use xentoolcore_restrict_all, Ian Jackson, 2017/10/09
- Re: [Qemu-devel] [PATCH 2/8] xen: restrict: use xentoolcore_restrict_all,
Anthony PERARD <=
- [Qemu-devel] [PATCH 5/8] xen: move xc_interface compatibility fallback further up the file, Ian Jackson, 2017/10/09
- [Qemu-devel] [PATCH 6/8] xen: destroy_hvm_domain: Try xendevicemodel_shutdown, Ian Jackson, 2017/10/09
- [Qemu-devel] [PATCH 7/8] os-posix: Provide new -runas <uid>.<gid> facility, Ian Jackson, 2017/10/09
- Re: [Qemu-devel] [PATCH v4 0/8] xen: xen-domid-restrict improvements, no-reply, 2017/10/09