Re: [Qemu-devel] [PATCH 3/5] docker: Use unconfined security profile

Hi Fam, Alex, Paolo, On 05/05/2017 12:23 AM, Fam Zheng wrote: Some by default blocked syscalls are required to run tests for example userfaultfd. Signed-off-by: Fam Zheng --- tests/docker/Makefile.include | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/docker/Makefile.include b/test

Re: [Qemu-devel] [PATCH 3/5] docker: Use unconfined security profile

On Fri, 05/05 09:27, Alex Bennée wrote: > > Fam Zheng writes: > > > Some by default blocked syscalls are required to run tests for example > > userfaultfd. > > Is there any way the tests could DoS the host? I guess you could achieve > the same running the iotests directly from make but it does

Re: [Qemu-devel] [PATCH 3/5] docker: Use unconfined security profile

Fam Zheng writes: > Some by default blocked syscalls are required to run tests for example > userfaultfd. Is there any way the tests could DoS the host? I guess you could achieve the same running the iotests directly from make but it does seem we should confine the docker guest as much as possi

[Qemu-devel] [PATCH 3/5] docker: Use unconfined security profile

Some by default blocked syscalls are required to run tests for example userfaultfd. Signed-off-by: Fam Zheng --- tests/docker/Makefile.include | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include index 0ed8c3d..09d157c 100644 --- a/tes