[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v9] run QEMU as non-root

To: Ian Campbell <ian.campbell@xxxxxxxxxx>
From: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Date: Thu, 5 Nov 2015 12:48:06 +0000
Cc: wei.liu2@xxxxxxxxxx, jfehlig@xxxxxxxx, xen-devel@xxxxxxxxxxxxxxxxxxx, Ian.Jackson@xxxxxxxxxxxxx, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
Delivery-date: Thu, 05 Nov 2015 12:48:22 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Tue, 3 Nov 2015, Ian Campbell wrote:
> On Tue, 2015-11-03 at 16:49 +0000, Ian Campbell wrote:
> > On Mon, 2015-11-02 at 12:30 +0000, Stefano Stabellini wrote:
> > > Try to use "xen-qemudepriv-domid$domid" first, then
> > > "xen-qemudepriv-shared" and root if everything else fails.
> > >
> > > The uids need to be manually created by the user or, more likely, by
> > > the
> > > xen package maintainer.
> > >
> > > Expose a device_model_user setting in libxl_domain_build_info, so that
> > > opinionated callers, such as libvirt, can set any user they like. Do
> > > not
> > > fall back to root if device_model_user is set. Users can also set
> > > device_model_user by hand in the xl domain config file.
> > >
> > > QEMU is going to setuid and setgid to the user ID and the group ID of
> > > the specified user, soon after initialization, before starting to deal
> > > with any guest IO.
> > >
> > > To actually secure QEMU when running in Dom0, we need at least to
> > > deprivilege the privcmd and xenstore interfaces, this is just the first
> > > step in that direction.
> > >
> > > Signed-off-by: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
> >
> > Acked-by: Ian Campbell <ian.campbell@xxxxxxxxxx>
>
> There were some minor conflicts against some patches committed at the start
> of October. I had fixed them up (I think) but then I noticed
> thatÂdocs/misc/qemu-deprivilege.txt in my working tree wasn't actually
> committed.
>
> Since this patch refers to it, but didn't include it I checked before
> acking that it was already in tree some how, but didn't realise it wasn't
> actually committed (somehow, not sure how). Was it supposed to be in this
> patch or was it supposed to be in some earlier patch?
>
> In any case given something odd is clearly going on I don't want to just
> commit some random version of that doc which I just found in my working
> directory along with this patch. Please can you resubmit with that file
> included (or in a precursor patch).

Done, see v10


> Also please check the coding style of the comment in libxl.h, the "/*"
> should be by itself.

Sorry I forgot this change! Feel free to fix it as you commit if that's
OK for you.


> Thanks,
> Ian.
>
> >
> > (based on previous plus eyeballing only the changes from:
> > > Â
> > > Changes in v9:
> > > - add a device_model_user option to the xl domain config file
> >
> > Ian.
> >
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@xxxxxxxxxxxxx
> > http://lists.xen.org/xen-devel
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH v9] run QEMU as non-root
  - From: Stefano Stabellini
- Re: [Xen-devel] [PATCH v9] run QEMU as non-root
  - From: Ian Campbell
- Re: [Xen-devel] [PATCH v9] run QEMU as non-root
  - From: Ian Campbell

Prev by Date: [Xen-devel] [PATCH v10] run QEMU as non-root
Next by Date: Re: [Xen-devel] Getting the XSAVE size from userspace
Previous by thread: Re: [Xen-devel] [PATCH v9] run QEMU as non-root
Next by thread: Re: [Xen-devel] [PATCH] sched_credit: Remove cpu argument to __runq_insert()
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.