Run your VMs using seccomp filter for improved security against qemu exploits. For more details, please see:
Nothing beyond the initial test day setup (basically a function F18 VM).
How to test
- Verify a VM starts up fine, to start.
- Stop all VMs
- Edit /etc/libvirt/qemu.conf, change seccomp_sandbox = 1
- Restart libvirtd
- Start a VM, connect to the graphical console with virt-manager
- Verify that the VM seems to be behaving as usual.
No obvious errors occur, guests seem to function like normal after all the steps.