On Fri, Mar 15, 2019 at 03:51:57PM +, Singh, Brijesh wrote:
> Hi Daniel,
>
>
> On 3/15/19 7:18 AM, Daniel P. Berrangé wrote:
> > On Fri, Jan 18, 2019 at 12:51:50PM +, Singh, Brijesh wrote:
> >>
> >> On 1/18/19 3:39 AM, Erik Skultety wrote:
> >>> I proceeded with cloning [1] to systemd and
Hi Daniel,
On 3/15/19 7:18 AM, Daniel P. Berrangé wrote:
> On Fri, Jan 18, 2019 at 12:51:50PM +, Singh, Brijesh wrote:
>>
>> On 1/18/19 3:39 AM, Erik Skultety wrote:
>>> I proceeded with cloning [1] to systemd and creating an udev rule that I
>>> planned
>>> on submitting to systemd upstream
On Fri, Jan 18, 2019 at 12:51:50PM +, Singh, Brijesh wrote:
>
> On 1/18/19 3:39 AM, Erik Skultety wrote:
> > I proceeded with cloning [1] to systemd and creating an udev rule that I
> > planned
> > on submitting to systemd upstream - the initial idea was to mimic /dev/kvm
> > and
> > make it
On Wed, Jan 30, 2019 at 06:18:22PM +, Daniel P. Berrangé wrote:
> On Wed, Jan 30, 2019 at 02:39:54PM +0100, Erik Skultety wrote:
> > > > > though, we need a #ifdef check for existance of PR_CAP_AMBIENT
> > > > >
> > > > > > An alternative question I've been playing ever since we exchanged
> >
On Wed, Jan 30, 2019 at 02:39:54PM +0100, Erik Skultety wrote:
> > > > though, we need a #ifdef check for existance of PR_CAP_AMBIENT
> > > >
> > > > > An alternative question I've been playing ever since we exchanged the
> > > > > last few
> > > > > emails is that can't we wait until the ioctls a
On 1/30/19 7:39 AM, Erik Skultety wrote:
though, we need a #ifdef check for existance of PR_CAP_AMBIENT
> An alternative question I've been playing ever since we exchanged the
> last few
> emails is that can't we wait until the ioctls are compared against
> permissions
> > > though, we need a #ifdef check for existance of PR_CAP_AMBIENT
> > >
> > > > An alternative question I've been playing ever since we exchanged the
> > > > last few
> > > > emails is that can't we wait until the ioctls are compared against
> > > > permissions
> > > > in kernel so that upstre
On Wed, Jan 30, 2019 at 09:06:30AM +0100, Erik Skultety wrote:
> Thanks for ^this bit which helped me understand the bits below. When I read
> the
> man page yesterday the first question was, okay, how do I figure out whether
> the file capabilities bit is set? Well, use xattrs...which didn't retu
On Tue, Jan 29, 2019 at 06:40:08PM +, Daniel P. Berrangé wrote:
> On Tue, Jan 29, 2019 at 05:15:42PM +0100, Erik Skultety wrote:
> > On Wed, Jan 23, 2019 at 03:02:28PM +, Singh, Brijesh wrote:
> > >
> > >
> > > On 1/23/19 7:36 AM, Daniel P. Berrangé wrote:
> > > > On Wed, Jan 23, 2019 at 02
On Tue, Jan 29, 2019 at 05:15:42PM +0100, Erik Skultety wrote:
> On Wed, Jan 23, 2019 at 03:02:28PM +, Singh, Brijesh wrote:
> >
> >
> > On 1/23/19 7:36 AM, Daniel P. Berrangé wrote:
> > > On Wed, Jan 23, 2019 at 02:33:01PM +0100, Erik Skultety wrote:
> > >> On Wed, Jan 23, 2019 at 01:24:13PM +
On Wed, Jan 23, 2019 at 03:02:28PM +, Singh, Brijesh wrote:
>
>
> On 1/23/19 7:36 AM, Daniel P. Berrangé wrote:
> > On Wed, Jan 23, 2019 at 02:33:01PM +0100, Erik Skultety wrote:
> >> On Wed, Jan 23, 2019 at 01:24:13PM +, Daniel P. Berrangé wrote:
> >>> On Wed, Jan 23, 2019 at 02:22:12PM +0
On Wed, Jan 23, 2019 at 03:02:28PM +, Singh, Brijesh wrote:
>
>
> On 1/23/19 7:36 AM, Daniel P. Berrangé wrote:
> > On Wed, Jan 23, 2019 at 02:33:01PM +0100, Erik Skultety wrote:
> >> On Wed, Jan 23, 2019 at 01:24:13PM +, Daniel P. Berrangé wrote:
> >>> On Wed, Jan 23, 2019 at 02:22:12PM +0
On 1/23/19 7:36 AM, Daniel P. Berrangé wrote:
> On Wed, Jan 23, 2019 at 02:33:01PM +0100, Erik Skultety wrote:
>> On Wed, Jan 23, 2019 at 01:24:13PM +, Daniel P. Berrangé wrote:
>>> On Wed, Jan 23, 2019 at 02:22:12PM +0100, Erik Skultety wrote:
On Wed, Jan 23, 2019 at 01:10:42PM +, D
On Wed, Jan 23, 2019 at 02:33:01PM +0100, Erik Skultety wrote:
> On Wed, Jan 23, 2019 at 01:24:13PM +, Daniel P. Berrangé wrote:
> > On Wed, Jan 23, 2019 at 02:22:12PM +0100, Erik Skultety wrote:
> > > On Wed, Jan 23, 2019 at 01:10:42PM +, Daniel P. Berrangé wrote:
> > > > On Wed, Jan 23, 2
On Wed, Jan 23, 2019 at 01:24:13PM +, Daniel P. Berrangé wrote:
> On Wed, Jan 23, 2019 at 02:22:12PM +0100, Erik Skultety wrote:
> > On Wed, Jan 23, 2019 at 01:10:42PM +, Daniel P. Berrangé wrote:
> > > On Wed, Jan 23, 2019 at 01:55:06PM +0100, Erik Skultety wrote:
> > > > On Fri, Jan 18, 2
On Wed, Jan 23, 2019 at 01:55:06PM +0100, Erik Skultety wrote:
> On Fri, Jan 18, 2019 at 12:51:50PM +, Singh, Brijesh wrote:
> >
> > On 1/18/19 3:39 AM, Erik Skultety wrote:
> > > Hi,
> > > this is a summary of a private discussion I've had with guys CC'd on this
> > > email
> > > about findin
On Wed, Jan 23, 2019 at 01:10:42PM +, Daniel P. Berrangé wrote:
> On Wed, Jan 23, 2019 at 01:55:06PM +0100, Erik Skultety wrote:
> > On Fri, Jan 18, 2019 at 12:51:50PM +, Singh, Brijesh wrote:
> > >
> > > On 1/18/19 3:39 AM, Erik Skultety wrote:
> > > > Hi,
> > > > this is a summary of a pr
On Wed, Jan 23, 2019 at 02:22:12PM +0100, Erik Skultety wrote:
> On Wed, Jan 23, 2019 at 01:10:42PM +, Daniel P. Berrangé wrote:
> > On Wed, Jan 23, 2019 at 01:55:06PM +0100, Erik Skultety wrote:
> > > On Fri, Jan 18, 2019 at 12:51:50PM +, Singh, Brijesh wrote:
> > > >
> > > > On 1/18/19 3:
On Fri, Jan 18, 2019 at 12:51:50PM +, Singh, Brijesh wrote:
>
> On 1/18/19 3:39 AM, Erik Skultety wrote:
> > Hi,
> > this is a summary of a private discussion I've had with guys CC'd on this
> > email
> > about finding a solution to [1] - basically, the default permissions on
> > /dev/sev (bel
On Fri, Jan 18, 2019 at 10:16:38AM +, Daniel P. Berrangé wrote:
On Fri, Jan 18, 2019 at 10:39:35AM +0100, Erik Skultety wrote:
Hi,
this is a summary of a private discussion I've had with guys CC'd on this email
about finding a solution to [1] - basically, the default permissions on
/dev/sev
On Fri, Jan 18, 2019 at 11:17:11AM +, Daniel P. Berrangé wrote:
On Fri, Jan 18, 2019 at 12:11:50PM +0100, Martin Kletzander wrote:
On Fri, Jan 18, 2019 at 10:16:38AM +, Daniel P. Berrangé wrote:
> I've just realized there is a potential 3rd solution. Remember there is
> actually nothing
On 1/18/19 3:39 AM, Erik Skultety wrote:
> Hi,
> this is a summary of a private discussion I've had with guys CC'd on this
> email
> about finding a solution to [1] - basically, the default permissions on
> /dev/sev (below) make it impossible to query for SEV platform capabilities,
> since by def
On Fri, Jan 18, 2019 at 12:11:50PM +0100, Martin Kletzander wrote:
> On Fri, Jan 18, 2019 at 10:16:38AM +, Daniel P. Berrangé wrote:
> > I've just realized there is a potential 3rd solution. Remember there is
> > actually nothing inherantly special about the 'root' user as an account
> > ID. 'r
On Fri, Jan 18, 2019 at 10:39:35AM +0100, Erik Skultety wrote:
> Hi,
> this is a summary of a private discussion I've had with guys CC'd on this
> email
> about finding a solution to [1] - basically, the default permissions on
> /dev/sev (below) make it impossible to query for SEV platform capabil
Hi,
this is a summary of a private discussion I've had with guys CC'd on this email
about finding a solution to [1] - basically, the default permissions on
/dev/sev (below) make it impossible to query for SEV platform capabilities,
since by default we run QEMU as qemu:qemu when probing for capabili
25 matches
Mail list logo