Xen project Mailing List

Re: [Xen-devel] [PATCH v5 0/6] libxl: xs_restrict QEMU

To: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx

From: Fabio Fantoni <fabio.fantoni@xxxxxxx>

Date: Mon, 27 Jul 2015 13:08:39 +0200

Cc: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Ian Campbell <Ian.Campbell@xxxxxxxxxx>

Delivery-date: Mon, 27 Jul 2015 11:08:56 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Il 23/07/2015 19:26, Stefano Stabellini ha scritto:

Hi all,

this patch series changes libxl to start QEMU as device model with the
new xsrestrict option (http://marc.info/?l=xen-devel&m=143341692707358).
It also starts a second QEMU to provide PV backends in userspace (qdisk)
to HVM guests.

Hi, I'm interested to test this serie.

xen patch "run QEMU as non-root" and qemu patch linked above are the

only prerequisite or other are needed?

I saw that second patch is marked as [WIP], is it usable or I must wait

to have it complete before test this serie?

Thanks for any reply and sorry for my bad english.



Changes in v5:
- improve commit messages with security details

Changes in v4:
- update xenstore-paths.markdown
- add error message in case count > MAX_PHYSMAP_ENTRIES
- add a note to xenstore-paths.markdown about the possible change in
privilege level
- only change permissions if xsrestrict is supported

Changes in v3:
- use LIBXL_TOOLSTACK_DOMID instead of 0 in the commit message
- update commit message with more info on why it is safe
- add a limit on the number of physmap entries to save and restore
- add emulator_ids
- mark patch #3 as WIP
- use LIBXL_TOOLSTACK_DOMID instead of 0 in the commit message
- change xs path to include the emulator_id
- change qdisk-backend-pid path on xenstore
- use dcs->dmss.pvqemu to spawn the second QEMU
- keep track of the rc of both QEMUs before proceeding


Stefano Stabellini (6):
       libxl: do not add a vkb backend to hvm guests
       [WIP] libxl: xsrestrict QEMU
       libxl: allow /local/domain/$LIBXL_TOOLSTACK_DOMID/device-model/$DOMID to 
be written by $DOMID
       libxl: change xs path for QEMU
       libxl: change qdisk-backend-pid path on xenstore
       libxl: spawns two QEMUs for HVM guests

  docs/misc/xenstore-paths.markdown |   30 ++++++++--
  tools/libxl/libxl.c               |    2 +-
  tools/libxl/libxl_create.c        |   58 +++++++++++++------
  tools/libxl/libxl_device.c        |    2 +-
  tools/libxl/libxl_dm.c            |  115 +++++++++++++++++++++++++++++++++----
  tools/libxl/libxl_dom.c           |   19 ++++--
  tools/libxl/libxl_internal.c      |   19 ++++--
  tools/libxl/libxl_internal.h      |   15 ++++-
  tools/libxl/libxl_pci.c           |   14 ++---
  tools/libxl/libxl_utils.c         |   10 ++++
  10 files changed, 225 insertions(+), 59 deletions(-)

Cheers,

Stefano

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

_______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.