[libvirt] [PATCH v3 0/5] RFC: grant KVM guests retain arbitrary capabilities
Paolo Bonzini
pbonzini at redhat.com
Fri Jan 27 08:38:48 UTC 2012
On 01/27/2012 08:18 AM, Taku Izumi wrote:
> > In any case adding rawio (which is a per-process capability) to a <disk>
> > element would be wrong.
>
> It is true that a process capability applies not per disk but per domain.
> It's a bit strange, but it is OK in my personal opinion.

No, this must be made very clear in the XML! Remember that rawio lets
you send dangerous commands such as WRITE BUFFER and any vendor-specific
thing. I absolutely don't think it's okay to enable them on disks just
because _another_ disk gets a rawio="yes" attribute.

If you want to add it to the <disk> element, you should first add
support for an arbitrary whitelist in the kernel (e.g. by extending the
devices cgroups). The whitelisting code is in the kernel, just not the
cgroups interface.

Paolo