On Wednesday, September 18, 2013 05:32:17 PM Daniel P. Berrange wrote:
> On Wed, Sep 18, 2013 at 12:19:44PM -0400, Paul Moore wrote:
> > On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
> > > On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
> > > > On Wednesday, Sep
On 09/18/2013 12:32 PM, Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 12:19:44PM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 08:38:17 AM Daniel
On Wed, Sep 18, 2013 at 12:19:44PM -0400, Paul Moore wrote:
> On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
> > On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
> > > On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
> > > > Libvirt does not
On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
> On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
> > Libvirt does not want to be in the business of creating seccomp syscall
> > filters for QEMU. As mentioned before, IMHO that places an unacceptable
> > burden on
On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
> Libvirt does not want to be in the business of creating seccomp syscall
> filters for QEMU. As mentioned before, IMHO that places an unacceptable
> burden on libvirt to know about the syscalls each a particular version
> of QE
On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
> On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
> > On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
> > > Libvirt does not want to be in the business of creating seccomp syscall
> > > filters
On Tue, Sep 17, 2013 at 03:17:28PM -0400, Corey Bryant wrote:
>
>
> On 09/17/2013 01:14 PM, Eduardo Otubo wrote:
> >
> >
> >On 09/17/2013 11:43 AM, Paul Moore wrote:
> >>On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
> >>>On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otu
On Tue, Sep 17, 2013 at 02:14:25PM -0300, Eduardo Otubo wrote:
>
>
> On 09/17/2013 11:43 AM, Paul Moore wrote:
> >On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
> >>On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
> >>
> >>>Paul, what exactly are you planning t
On 09/17/2013 04:17 PM, Corey Bryant wrote:
On 09/17/2013 01:14 PM, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are
On 09/17/2013 01:14 PM, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to libvirt? I'm not a big
f
On 09/17/2013 02:14 PM, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to libvirt? I'm not a big
f
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to libvirt? I'm not a big
fan of using qemu command line to pass syscalls f
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
> On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
>
> > Paul, what exactly are you planning to add to libvirt? I'm not a big
> > fan of using qemu command line to pass syscalls for blacklist as
> > arguments, but I
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
>
>
> On 09/11/2013 01:49 PM, Daniel P. Berrange wrote:
> >On Wed, Sep 11, 2013 at 12:45:54PM -0400, Corey Bryant wrote:
> >>
> >>
> >>On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
> >>>New command line options for the seccomp blacklis
On 09/11/2013 01:49 PM, Daniel P. Berrange wrote:
On Wed, Sep 11, 2013 at 12:45:54PM -0400, Corey Bryant wrote:
On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
New command line options for the seccomp blacklist feature:
$ qemu -sandbox on[,strict=]
The strict parameter will turn on or off
On Wed, Sep 11, 2013 at 12:45:54PM -0400, Corey Bryant wrote:
>
>
> On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
> >New command line options for the seccomp blacklist feature:
> >
> > $ qemu -sandbox on[,strict=]
> >
> >The strict parameter will turn on or off the new system call blacklist
>
>
On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
New command line options for the seccomp blacklist feature:
$ qemu -sandbox on[,strict=]
The strict parameter will turn on or off the new system call blacklist
I mentioned this before but I'll say it again since I think it needs to
be discusse
New command line options for the seccomp blacklist feature:
$ qemu -sandbox on[,strict=]
The strict parameter will turn on or off the new system call blacklist
Signed-off-by: Eduardo Otubo
---
qemu-options.hx | 8 +---
vl.c| 11 ++-
2 files changed, 15 insertions(+),
18 matches
Mail list logo