Split the fully privileged parent into two processes "parent" and

"vmm" with reduced privileges:
- the "parent" opens fds (disks, ifs, etc.) but runs as root but pledged as
  "stdio rpath wpath proc tty sendfd".
- the "vmm" process handles the creation and supervision of vm processes,
  and the primary communication with the vmm(4) subsystem.  It runs as _vmd
  in the chroot but does not use pledge, as the vmm ioctls are not allowed
  by any pledge model yet.
With this change, vmd starts to track the configuration state of VMs
in vmd and will allow other things later (like terminating a vm by
name, moving the configuration parser to vmd, ...).  More incremental
changes will follow.

0 files changed, 0 insertions, 0 deletions