subject:"\[Qemu\-devel\] \[PATCH v5.1 2\/8\] xen\: restrict\: use xentoolcore_restrict_all"

Re: [Qemu-devel] [PATCH v5.1 2/8] xen: restrict: use xentoolcore_restrict_all

2017-10-27 Thread Stefano Stabellini

On Fri, 27 Oct 2017, Ian Jackson wrote: > Stefano Stabellini writes ("Re: [PATCH v5.1 2/8] xen: restrict: use > xentoolcore_restrict_all"): > > On Fri, 20 Oct 2017, Ian Jackson wrote: > ... > > > Drop individual use of xendevicemodel_restrict and > > > xenforeignmemory_restrict. These are not act

Re: [Qemu-devel] [PATCH v5.1 2/8] xen: restrict: use xentoolcore_restrict_all

2017-10-27 Thread Ian Jackson

Stefano Stabellini writes ("Re: [PATCH v5.1 2/8] xen: restrict: use xentoolcore_restrict_all"): > On Fri, 20 Oct 2017, Ian Jackson wrote: ... > > Drop individual use of xendevicemodel_restrict and > > xenforeignmemory_restrict. These are not actually effective in this > > version of qemu, because

Re: [Qemu-devel] [PATCH v5.1 2/8] xen: restrict: use xentoolcore_restrict_all

2017-10-26 Thread Stefano Stabellini

On Fri, 20 Oct 2017, Ian Jackson wrote: > And insist that it works. > > Drop individual use of xendevicemodel_restrict and > xenforeignmemory_restrict. These are not actually effective in this > version of qemu, because qemu has a large number of fds open onto > various Xen control devices. > >

[Qemu-devel] [PATCH v5.1 2/8] xen: restrict: use xentoolcore_restrict_all

2017-10-20 Thread Ian Jackson

And insist that it works. Drop individual use of xendevicemodel_restrict and xenforeignmemory_restrict. These are not actually effective in this version of qemu, because qemu has a large number of fds open onto various Xen control devices. The restriction arrangements are still not right, becaus