| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
instances of the same configuration will be handled in a different way
later. It is also not a good idea to use the same writeable disk
with multiple VMs at the same time.
As discussed with mlarkin@
|
| | |
|
| |
|
|
|
|
|
| |
unique id to it. This happens in the vm child process and has to be
communicated to the parent processes to track the vm. Knowing the vm
id in the parent and vmm processes also allows to remove vm from the
daemons list on terminate requests later.
|
| | |
|
| |
|
|
| |
Pointed out by deraadt@
|
| |
|
|
|
|
|
|
| |
the configuration in vmctl directly, it now sends a (re)load request
to vmd. The reload also resets the existing configuration status -
this doesn't do much difference yet but a future change will compare
if a specified VM is already running. "load" will allow to add
configuration, while "reload" resets the state before loading.
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
vmm.conf(5) in vmmctl. For a short time, both vmd and vmmctl will
support a configuration file, but vmmctl will be changed to send
"load" requests to vmd instead of loading and parsing the file
directly.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
"vmm" with reduced privileges:
- the "parent" opens fds (disks, ifs, etc.) but runs as root but pledged as
"stdio rpath wpath proc tty sendfd".
- the "vmm" process handles the creation and supervision of vm processes,
and the primary communication with the vmm(4) subsystem. It runs as _vmd
in the chroot but does not use pledge, as the vmm ioctls are not allowed
by any pledge model yet.
With this change, vmd starts to track the configuration state of VMs
in vmd and will allow other things later (like terminating a vm by
name, moving the configuration parser to vmd, ...). More incremental
changes will follow.
|
| |
|
|
|
|
|
|
| |
process into multiple parts and adopting the "proc.c"-style from other
daemons. This allows to further reduce the privileges, to give better
pledge(2), and to add some upcoming changes.
"please do" mlarkin@, deraadt@
|
| |
|
|
|
|
|
|
|
| |
last VM is terminated. This allows to remove the explicit "vmm
enable" / "vmm disable" (VMM_IOC_START / VMM_IOC_STOP) ioctls. You'll
have to update kernel and userland for this change, as the kernel ABI
changes.
OK mpi@ mlarkin@
|
| | |
|
| |
|
|
|
|
|
|
|
| |
in the current control socket loop. Add a poll before the accept that
is not restarted and allows to escape the loop. This code is kind of
temporary, as we're planning to replace the event handling, but it
allows to kill (or Ctrl+c) vmd for now.
OK tedu@, discussed with many
|
| |
|
|
|
|
| |
messages to log_*.
From Cesare Gargano
|
| |
|
|
|
|
| |
foreground with -d.
OK mlarkin@ jung@
|
| | |
|
| | |
|
|
|
There is still a lot to be done, and fixed, in these userland components
but I have received enough "it works, commit it" emails that it's time
to finish those things in tree.
discussed with many, tested by many.
|
reyk
tedu
deraadt
mlarkin