On Tue, Sep 17, 2013 at 02:14:25PM -0300, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to
On Tue, Sep 17, 2013 at 03:17:28PM -0400, Corey Bryant wrote:
On 09/17/2013 01:14 PM, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
Libvirt does not want to be in the business of creating seccomp syscall
filters for
On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
Libvirt does not want to be in the business of creating seccomp syscall
filters for QEMU. As mentioned before, IMHO that places an unacceptable
burden on libvirt to know about the syscalls each a particular version
of QEMU
On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
Libvirt does not want to be in the business of creating seccomp syscall
filters for QEMU. As mentioned before, IMHO that places an unacceptable
burden on
On Wed, Sep 18, 2013 at 12:19:44PM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 08:38:17 AM Daniel P. Berrange wrote:
Libvirt does not want to
On 09/18/2013 12:32 PM, Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 12:19:44PM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 08:38:17 AM
On Wednesday, September 18, 2013 05:32:17 PM Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 12:19:44PM -0400, Paul Moore wrote:
On Wednesday, September 18, 2013 04:59:10 PM Daniel P. Berrange wrote:
On Wed, Sep 18, 2013 at 11:53:09AM -0400, Paul Moore wrote:
On Wednesday, September
On 09/11/2013 01:49 PM, Daniel P. Berrange wrote:
On Wed, Sep 11, 2013 at 12:45:54PM -0400, Corey Bryant wrote:
On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
New command line options for the seccomp blacklist feature:
$ qemu -sandbox on[,strict=on|off]
The strict parameter will turn on
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
On 09/11/2013 01:49 PM, Daniel P. Berrange wrote:
On Wed, Sep 11, 2013 at 12:45:54PM -0400, Corey Bryant wrote:
On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
New command line options for the seccomp blacklist feature:
$
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to libvirt? I'm not a big
fan of using qemu command line to pass syscalls for blacklist as
arguments, but I can't
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to libvirt? I'm not a big
fan of using qemu command line to pass syscalls
On 09/17/2013 02:14 PM, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to libvirt? I'm not a big
On 09/17/2013 01:14 PM, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are you planning to add to libvirt? I'm not a big
On 09/17/2013 04:17 PM, Corey Bryant wrote:
On 09/17/2013 01:14 PM, Eduardo Otubo wrote:
On 09/17/2013 11:43 AM, Paul Moore wrote:
On Tuesday, September 17, 2013 02:06:06 PM Daniel P. Berrange wrote:
On Tue, Sep 17, 2013 at 10:01:23AM -0300, Eduardo Otubo wrote:
Paul, what exactly are
On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
New command line options for the seccomp blacklist feature:
$ qemu -sandbox on[,strict=on|off]
The strict parameter will turn on or off the new system call blacklist
I mentioned this before but I'll say it again since I think it needs to
be
On Wed, Sep 11, 2013 at 12:45:54PM -0400, Corey Bryant wrote:
On 09/06/2013 03:21 PM, Eduardo Otubo wrote:
New command line options for the seccomp blacklist feature:
$ qemu -sandbox on[,strict=on|off]
The strict parameter will turn on or off the new system call blacklist
I
New command line options for the seccomp blacklist feature:
$ qemu -sandbox on[,strict=on|off]
The strict parameter will turn on or off the new system call blacklist
Signed-off-by: Eduardo Otubo ot...@linux.vnet.ibm.com
---
qemu-options.hx | 8 +---
vl.c| 11 ++-
2
18 matches
Mail list logo