On 12/12/2014 12:13 PM, Raymond Durand wrote:
Thanks.

2014-12-12 17:06 GMT+01:00 Stefan Berger <[email protected]>:

    On 12/12/2014 10:32 AM, Daniel P. Berrange wrote:

        On Fri, Dec 12, 2014 at 04:24:55PM +0100, Raymond Durand wrote:

            Thanks.

            How are the rules managed so as to fit the VM system calls?
            Is tuning possible? recommended?

        QEMU has a built-in policy that adds rules for every conceivable
        function that QEMU might need to execute. Given that is quite
        broad, the security benefit from seccomp enablement is quite low
        IMHO


    Base code and (active) devices would each have to report what
    syscalls they need so this list could be reduced to the minimum ...


"Could be reduced": how? Do you have in mind selecting the appropriate active devices at initialization time?

The difficulty would be to determine which devices require which syscalls beyond what 'base' QEMU needs (= QEMU without devices). So one would have to use QEMU with one device after another and see which new syscalls are required due to a specific device (syscall auditing), then add the array of syscalls to a device's TypeInfo structure and collect them this way. If a device's code were to change, you'd have to do it again. So I think it would be a lot of work all the time.

    Stefan


        Stefan

        Regards,
        Daniel


    --
    libvir-list mailing list
    [email protected]
    https://www.redhat.com/mailman/listinfo/libvir-list


Regards,

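An added illustration of the collection step described in the reply above (not QEMU or libvirt code): each device carries the syscalls that auditing attributed to it, and the allowlist is built from the base list plus active devices only. The `DeviceSyscalls` struct, the device table and every syscall list are hypothetical, constructed sample data; QEMU's real TypeInfo has no such field.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/syscall.h>

#define MAX_ALLOWED 64
#define LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical per-device record; QEMU's TypeInfo has no syscall field. */
typedef struct {
    const int *syscalls;  /* seen in auditing only with this device in use */
    size_t count;
    bool active;          /* device is instantiated for this VM */
} DeviceSyscalls;

/* Constructed sample lists, not measured from a real QEMU run. */
static const int base_calls[] = { SYS_read, SYS_write, SYS_ppoll, SYS_ioctl, SYS_futex };
static const int net_calls[]  = { SYS_sendmsg, SYS_recvmsg, SYS_ioctl };
static const int disk_calls[] = { SYS_pread64, SYS_pwrite64, SYS_fdatasync };
static DeviceSyscalls devices[] = {
    { net_calls,  LEN(net_calls),  true  },  /* sample network device, in use */
    { disk_calls, LEN(disk_calls), false },  /* sample disk device, not in use */
};

/* Append entries of in[] not already present in out[]; returns new length. */
static size_t add_unique(int *out, size_t n, const int *in, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        size_t j = 0;
        while (j < n && out[j] != in[i]) j++;
        if (j == n && n < MAX_ALLOWED) out[n++] = in[i];
    }
    return n;
}

/* Allowlist = base QEMU syscalls plus those of active devices only. */
size_t build_allowlist(const DeviceSyscalls *devs, size_t ndevs, int *out)
{
    size_t n = add_unique(out, 0, base_calls, LEN(base_calls));
    for (size_t i = 0; i < ndevs; i++)
        if (devs[i].active) n = add_unique(out, n, devs[i].syscalls, devs[i].count);
    return n;
}

int main(void)
{
    int list[MAX_ALLOWED];
    printf("%zu syscalls allowed\n", build_allowlist(devices, LEN(devices), list));
    return 0;
}
```

The inactive device's syscalls stay out of the filter, which is the reduction being discussed; the per-device arrays are the part that has to be re-audited whenever device code changes.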