[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 17/22] xl, libxl: Provide dm_restrict

Wei Liu writes ("Re: [PATCH 17/22] xl, libxl: Provide dm_restrict"):
> On Fri, Sep 15, 2017 at 07:48:54PM +0100, Ian Jackson wrote:
> > This functionality is still quite imperfect, but it will be useful in
> > certain restricted use cases.
> Seeing this is mostly plumbing for QEMU and a technology preview
> feature:

Doing a more complete job will involve more significant work which is
probably not (or at least, much of which is not) going to be ready for

I may update things to make some additional restriction calls in qemu
but the big one is uid reuse.  I think fixing the uid reuse problem
involves adding a new fork to the domain creation and domain teardown,
since I'm not aware of a way to kill all processes with a particular
uid other than by running a process with that uid.


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.