[Qemu-devel] Changing vmexit behavior for a running guest
From:
panda23
Subject:
[Qemu-devel] Changing vmexit behavior for a running guest
Date:
Sat, 17 Dec 2011 14:22:12 +0000
For sandboxing some forms of untrusted code, the risk of a red pill could be greatly reduced if qemu had "seccomp" mode, i.e., a way for a guest OS to request that qemu drop any future unwhitelisted vmexit calls. How complicated would it be to add this functionality to qemu and which parts of qemu would I need to modify?
Jason
[Prev in Thread]
Current Thread
[Next in Thread]
[Qemu-devel] Changing vmexit behavior for a running guest,
panda23<=