[v3] xen: xen-domid-restrict improvements

[Qemu-devel] [PATCH v3 0/8] xen: xen-domid-restrict improvements

Posted by Ian Jackson 6 years, 6 months ago

I have been working on trying to get qemu, when running as a Xen
device model, to _actually_ not have power equivalent to root.

I think I have achieved this, with some limitations (which are
discussed in my series against xen.git.

However, there are changes to qemu needed.  In particular

 * The -xen-domid-restrict option does not work properly right now.
   It only restricts a small subset of the descriptors qemu has open.
   I am introducing a new library call in the Xen libraries for this,
   xentoolcore_restrict_all.

 * We need to call a different function on domain shutdown.

 * The restriction operation needs to be done at a slightly different
   time, necessitating a new hook.

 * Additionally, in the future, we intend to be able to set aside
   a uid range for these qemus to run in, and that involves being
   able to tell qemu to drop privilege by numeric uid and gid.

Thanks to Anthony Perard, Peter Maydell and Ross Lagerwall for
assistance, review and testing.

At least the first patch of this, "xen: link against xentoolcore",
will very likely be necessary, since the corresponding xen.git series
is likely to make Xen 4.10.

Ian.

Re: [Qemu-devel] [PATCH v3 0/8] xen: xen-domid-restrict improvements

Posted by no-reply@patchew.org 6 years, 6 months ago

Hi,

This series seems to have some coding style problems. See output below for
more information:

Type: series
Message-id: 1507314444-30835-1-git-send-email-ian.jackson@eu.citrix.com
Subject: [Qemu-devel] [PATCH v3 0/8] xen: xen-domid-restrict improvements

=== TEST SCRIPT BEGIN ===
#!/bin/bash

BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0

git config --local diff.renamelimit 0
git config --local diff.renames True

commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
    echo "Checking PATCH $n/$total: $(git log -n 1 --format=%s $c)..."
    if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
        failed=1
        echo
    fi
    n=$((n+1))
done

exit $failed
=== TEST SCRIPT END ===

Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
f117f53b9e RFC configure: do_compiler: Dump some extra info under bash
8c5c05599f os-posix: Provide new -runasid option
0177ba688d xen: destroy_hvm_domain: Try xendevicemodel_shutdown
2db1c89877 xen: move xc_interface compatibility fallback further up the file
da64bd6104 xen: destroy_hvm_domain: Move reason into a variable
78f35acc0a xen: defer call to xen_restrict until just before os_setup_post
33b46e08dd xen: restrict: use xentoolcore_restrict_all
0eeb4323ab xen: link against xentoolcore

=== OUTPUT BEGIN ===
Checking PATCH 1/8: xen: link against xentoolcore...
Checking PATCH 2/8: xen: restrict: use xentoolcore_restrict_all...
Checking PATCH 3/8: xen: defer call to xen_restrict until just before os_setup_post...
Checking PATCH 4/8: xen: destroy_hvm_domain: Move reason into a variable...
Checking PATCH 5/8: xen: move xc_interface compatibility fallback further up the file...
Checking PATCH 6/8: xen: destroy_hvm_domain: Try xendevicemodel_shutdown...
Checking PATCH 7/8: os-posix: Provide new -runasid option...
ERROR: consider using qemu_strtoul in preference to strtoul
#42: FILE: os-posix.c:160:
+        lv = strtoul(optarg, &ep, 0); /* can't qemu_strtoul, want *ep=='.' */

total: 1 errors, 0 warnings, 94 lines checked

Your patch has style problems, please review.  If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.

Checking PATCH 8/8: RFC configure: do_compiler: Dump some extra info under bash...
=== OUTPUT END ===

Test command exited with code: 1


---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org