From mboxrd@z Thu Jan 1 00:00:00 1970 From: Stefano Stabellini Subject: Re: [PATCH v5 0/6] libxl: xs_restrict QEMU Date: Wed, 29 Jul 2015 10:21:47 +0100 Message-ID: References: <55B61137.6010107@m2r.biz> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <55B61137.6010107@m2r.biz> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Fabio Fantoni Cc: Ian Jackson , xen-devel@lists.xensource.com, Wei Liu , Ian Campbell , Stefano Stabellini List-Id: xen-devel@lists.xenproject.org On Mon, 27 Jul 2015, Fabio Fantoni wrote: > Il 23/07/2015 19:26, Stefano Stabellini ha scritto: > > Hi all, > > > > this patch series changes libxl to start QEMU as device model with the > > new xsrestrict option (http://marc.info/?l=xen-devel&m=143341692707358). > > It also starts a second QEMU to provide PV backends in userspace (qdisk) > > to HVM guests. > > Hi, I'm interested to test this serie. > xen patch "run QEMU as non-root" and qemu patch linked above are the only > prerequisite or other are needed? Yes and thank you for testing! > I saw that second patch is marked as [WIP], is it usable or I must wait to > have it complete before test this serie? It is usable, but it is not recommended why to do it in libxl. > Thanks for any reply and sorry for my bad english. > > > > > > > Changes in v5: > > - improve commit messages with security details > > > > Changes in v4: > > - update xenstore-paths.markdown > > - add error message in case count > MAX_PHYSMAP_ENTRIES > > - add a note to xenstore-paths.markdown about the possible change in > > privilege level > > - only change permissions if xsrestrict is supported > > > > Changes in v3: > > - use LIBXL_TOOLSTACK_DOMID instead of 0 in the commit message > > - update commit message with more info on why it is safe > > - add a limit on the number of physmap entries to save and restore > > - add emulator_ids > > - mark patch #3 as WIP > > - use LIBXL_TOOLSTACK_DOMID instead of 0 in the commit message > > - change xs path to include the emulator_id > > - change qdisk-backend-pid path on xenstore > > - use dcs->dmss.pvqemu to spawn the second QEMU > > - keep track of the rc of both QEMUs before proceeding > > > > > > Stefano Stabellini (6): > > libxl: do not add a vkb backend to hvm guests > > [WIP] libxl: xsrestrict QEMU > > libxl: allow /local/domain/$LIBXL_TOOLSTACK_DOMID/device-model/$DOMID > > to be written by $DOMID > > libxl: change xs path for QEMU > > libxl: change qdisk-backend-pid path on xenstore > > libxl: spawns two QEMUs for HVM guests > > > > docs/misc/xenstore-paths.markdown | 30 ++++++++-- > > tools/libxl/libxl.c | 2 +- > > tools/libxl/libxl_create.c | 58 +++++++++++++------ > > tools/libxl/libxl_device.c | 2 +- > > tools/libxl/libxl_dm.c | 115 > > +++++++++++++++++++++++++++++++++---- > > tools/libxl/libxl_dom.c | 19 ++++-- > > tools/libxl/libxl_internal.c | 19 ++++-- > > tools/libxl/libxl_internal.h | 15 ++++- > > tools/libxl/libxl_pci.c | 14 ++--- > > tools/libxl/libxl_utils.c | 10 ++++ > > 10 files changed, 225 insertions(+), 59 deletions(-) > > > > Cheers, > > > > Stefano > > > > _______________________________________________ > > Xen-devel mailing list > > Xen-devel@lists.xen.org > > http://lists.xen.org/xen-devel >