[pve-devel] [PATCH container/manager v2 0/2] add deny read/write options for device passthrough
Filip Schauer
f.schauer at proxmox.com
Wed Jul 24 19:18:55 CEST 2024
Add the deny_read and deny_write options for device passthrough, to
restrict container access to devices.
This allows for passing through a device in read-only mode without
giving the container full access it.
Up until now a container with a device passed through to it was granted
full access to that device without an option to restrict that access as
pointed out by @Fiona.
Changes since v1:
* set default values for deny_read & deny_write
* remove the deny_read checkbox from the UI, since it is expected to
only have a very niche use case.
pve-container:
Filip Schauer (1):
add deny read/write options for device passthrough
src/PVE/LXC.pm | 13 ++++++++++++-
src/PVE/LXC/Config.pm | 12 ++++++++++++
2 files changed, 24 insertions(+), 1 deletion(-)
pve-manager:
Filip Schauer (1):
ui: lxc: add readonly option for device passthrough
www/manager6/lxc/DeviceEdit.js | 8 ++++++++
1 file changed, 8 insertions(+)
Summary over all repositories:
3 files changed, 32 insertions(+), 1 deletions(-)
--
Generated by git-murpp 0.6.0
More information about the pve-devel
mailing list