Hi all,
this patch series introduces a new command line option to restrict the
privilege of the xenstore connection. Used together with -runas, can
help secure the execution of QEMU in Dom0.
Changes in v3:
- introduce emulator_id and use in the xenstore path
- move qemu_xen_opts to xen-common.c
Stefano Stabellini (2):
xen: separate the xenstore_record_dm_state calls for pv and hvm machines
xen: introduce xsrestrict and emulator_id
hw/xenpv/xen_machine_pv.c | 15 +++++++++++++++
include/hw/xen/xen.h | 2 ++
qemu-options.hx | 19 +++++++++++++++++++
vl.c | 8 ++++++++
xen-common-stub.c | 2 ++
xen-common.c | 46 +++++++++++++++++----------------------------
xen-hvm.c | 37 ++++++++++++++++++++++++++++--------
7 files changed, 92 insertions(+), 37 deletions(-)
