[PATCH] qemu: do not allow /dev/rtc or /dev/hpet access via the devices cgroup
Michal Privoznik
mprivozn at redhat.com
Tue May 19 08:10:54 UTC 2020
On 5/19/20 1:06 AM, Paolo Bonzini wrote:
> The RTC and HPET modes for the QEMU emulation tick have been dropped almost 9 years
> ago, in commit 25f3151ece1d5881826232bebccc21b588d4e03e. Do not allow them in the
qemu.git $ git describe --tags 25f3151ece1d5881826232bebccc21b588d4e03e
v0.14.0-rc0-1169-g25f3151ece
and the minimum supported version is 1.5.0 so this is safe to merge from
min version POV.
> devices cgroup policy.
>
> Signed-off-by: Paolo Bonzini <pbonzini at redhat.com>
> ---
> docs/drvqemu.html.in | 1 -
> src/qemu/qemu.conf | 1 -
> src/qemu/qemu_cgroup.c | 1 -
> src/qemu/test_libvirtd_qemu.aug.in | 2 --
> 4 files changed, 5 deletions(-)
It's not only QEMU that might use these but also a library that is
linking with. However, quick strace showed no access to either of the
files so:
Reviewed-by: Michal Privoznik <mprivozn at redhat.com>
And pushed.
Michal
More information about the libvir-list
mailing list