Re: [libvirt] [PATCH v10 0/7] file descriptor passing using fd sets
On 08/13/2012 08:08 AM, Corey Bryant wrote:
libvirt's sVirt security driver provides SELinux MAC isolation
for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process from opening
files that do not belong to it.
Corey Bryant (7):
qemu-char: Add MSG_CMSG_CLOEXEC flag to recvmsg
qapi: Introduce add-fd, remove-fd, query-fdsets
block: Prevent detection of /dev/fdset/ as floppy
block: Convert open calls to qemu_open
block: Convert close calls to qemu_close
block: Enable qemu_open/close to work with fd sets
monitor: Clean up fd sets on monitor disconnect
Hooray - I think we're there! Series:
Reviewed-by: Eric Blake <eblake(a)redhat.com>
--
Eric Blake eblake(a)redhat.com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 620 bytes)