[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH v3 0/2] restrict the privilege of the xenstore connection

Hi all,

this patch series introduces a new command line option to restrict the
privilege of the xenstore connection. Used together with -runas, can
help secure the execution of QEMU in Dom0.


Changes in v3:
- introduce emulator_id and use in the xenstore path
- move qemu_xen_opts to xen-common.c


Stefano Stabellini (2):
      xen: separate the xenstore_record_dm_state calls for pv and hvm machines
      xen: introduce xsrestrict and emulator_id

 hw/xenpv/xen_machine_pv.c |   15 +++++++++++++++
 include/hw/xen/xen.h      |    2 ++
 qemu-options.hx           |   19 +++++++++++++++++++
 vl.c                      |    8 ++++++++
 xen-common-stub.c         |    2 ++
 xen-common.c              |   46 +++++++++++++++++----------------------------
 xen-hvm.c                 |   37 ++++++++++++++++++++++++++++--------
 7 files changed, 92 insertions(+), 37 deletions(-)

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.