
Re: [PATCH] libs/light: make it build without setresuid()



Ian Jackson writes ("Re: [PATCH] libs/light: make it build without 
setresuid()"):
> Manuel Bouyer writes ("Re: [PATCH] libs/light: make it build without 
> setresuid()"):
> > On Wed, Jan 20, 2021 at 05:10:36PM +0000, Ian Jackson wrote:
> > > My last mail had in it a thing that claims to be a proof that this is
> > > not possible.
> > 
> > This code:
...
> > actually works on NetBSD. processes from 375 are killed, and the
> > seteuid(0) call succeeds (showing that the saved user id is still 0).
> 
> I guess I must have been wrong.
> 
> > > What do you think ?
> > 
> > As this is supported by Xen, I hope I can make at last run qemu with a
> > non-zero uid.
> 
> The logic for deciding what user to run qemu as, and whether to kill
> by uid or by pid, is in libxl_dm.c, in the function
> libxl__domain_get_device_model_uid.
> 
> The dm_restrict flag turns on various other things too.

I think I have lost track of where we are with this patch.  I would
like to see all this properly sorted in Xen 4.15.

How about I write a patch splitting the relevant part up into a
version for systems with setresuid and systems without ?  Then you
could fill in the missing part.

Should I expect the non-setresuid OS to provide effectively the whole
of kill_device_model_uid_child, or just a replacement for the
setresuid call and surrounding logging, something like
  kill_device_model_uid_child_setresuid
?

Ian.
