[libvirt] RFC: stop clearing QEMU emulator capabilities

Michal Privoznik mprivozn at redhat.com
Fri Nov 29 08:15:07 UTC 2019

On 11/28/19 2:04 PM, Daniel P. Berrangé wrote:

I don't recall the exact details, but I remember I had to disable 
clearing capabilities temporarily (I vaguely recall it had something to 
do with device assignment). What I am trying to say is that clearing 
capabilities may sometimes get in our way. So I agree with not clearing 
them and relying on the rest of security mechanisms we have.


More information about the libvir-list mailing list