Re: [kvm-devel] [PATCH RFC 2/5] Create relay channels and add trace data
Avi Kivity wrote: Liu, Eric E wrote: From 41d65b55580d3f07f9f1c50e89e3d64c5d10fbaf Mon Sep 17 00:00:00 2001 From: Feng (Eric) Liu [EMAIL PROTECTED] Date: Tue, 1 Apr 2008 07:26:14 -0400 Subject: [PATCH] KVM: Add kvm trace support. when config KVM_TRACE, it allows userspace app to read the trace of kvm_related events through the relayfs. +int kvm_trace_ioctl(unsigned int ioctl, unsigned long arg) +{ +void __user *argp = (void __user *)arg; +long r = -EINVAL; + +switch (ioctl) { +case KVM_TRACE_ENABLE: +r = kvm_trace_enable(argp); +break; +case KVM_TRACE_DISABLE: +r = 0; +kvm_trace_cleanup(); +break; +} + +return r; +} Since we want to allow non-privileged users to open /dev/kvm, and tracing can provide data on other users' VMs, we need check on CAP_SYS_ADMIN (or maybe CAP_PTRACE?) and return -EPERM if the user is not privileged enough. Thanks for your comments, I think using CAP_SYS_ADMIN is better. - This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Register now and save $200. Hurry, offer ends at 11:59 p.m., Monday, April 7! Use priority code J8TLD2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone ___ kvm-devel mailing list kvm-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/kvm-devel
Re: [kvm-devel] [PATCH RFC 2/5] Create relay channels and add trace data
Liu, Eric E wrote: From 41d65b55580d3f07f9f1c50e89e3d64c5d10fbaf Mon Sep 17 00:00:00 2001 From: Feng (Eric) Liu [EMAIL PROTECTED] Date: Tue, 1 Apr 2008 07:26:14 -0400 Subject: [PATCH] KVM: Add kvm trace support. when config KVM_TRACE, it allows userspace app to read the trace of kvm_related events through the relayfs. +int kvm_trace_ioctl(unsigned int ioctl, unsigned long arg) +{ + void __user *argp = (void __user *)arg; + long r = -EINVAL; + + switch (ioctl) { + case KVM_TRACE_ENABLE: + r = kvm_trace_enable(argp); + break; + case KVM_TRACE_DISABLE: + r = 0; + kvm_trace_cleanup(); + break; + } + + return r; +} Since we want to allow non-privileged users to open /dev/kvm, and tracing can provide data on other users' VMs, we need check on CAP_SYS_ADMIN (or maybe CAP_PTRACE?) and return -EPERM if the user is not privileged enough. -- error compiling committee.c: too many arguments to function - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace ___ kvm-devel mailing list kvm-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/kvm-devel