I am working on auditing whether deprvileging qemu has actually worked. The approach I have chosen is to fish the descriptors out of qemu (by using debugging facilities), and try to make hypercalls etc. using them.
To take making a hypercall as an example: this is not easily done without libxc. So I need to make libxc make a hypercall with a different fd - actually, a different open-file. I do this by using dup2 to overwrite libxc's fd with the one stolen from qemu. That means I need to know libxc's fd number. Hence the middle two patches in this series. Also, I drop some obsolete declarations and improve an error message. I doubt this is 4.11 material. qemu depriv is not covered by support in 4.11 anyway. In 4.12 I want it to be supported, and, therefore, tested and audited. If it becomes fully supported there, it might be worth backporting some of these patches. Thanks, Ian. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel
