From: Stefan Hajnoczi <stefanha@redhat.com>
To: Hannes Reinecke <hare@suse.de>
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Martin Wilck" <mwilck@suse.com>,
"Benjamin Marzinski" <bmarzins@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
qemu-block@nongnu.org, "Kevin Wolf" <kwolf@redhat.com>,
afaria@redhat.com, qemu-devel@nongnu.org,
"Mikulas Patocka" <mpatocka@redhat.com>
Subject: Re: Moving from qemu-pr-helper and libmpathpersist to <linux/pr.h>
Date: Mon, 9 Feb 2026 09:23:06 -0500 [thread overview]
Message-ID: <20260209142306.GA24854@fedora> (raw)
In-Reply-To: <ba99c16a-f621-49a7-bab4-c262a4f2a2e8@suse.de>
[-- Attachment #1: Type: text/plain, Size: 1985 bytes --]
On Mon, Feb 09, 2026 at 01:50:00PM +0100, Hannes Reinecke wrote:
> On 2/6/26 15:08, Stefan Hajnoczi wrote:
> > On Fri, Feb 06, 2026 at 01:03:18AM +0100, Hannes Reinecke wrote:
> > > On 2/5/26 14:39, Stefan Hajnoczi wrote:
> [ .. ]
> > > That would make sense, but unfortunately READ KEYS (and READ
> > > RESERVATIONS) requires the same privileges than the other
> > > blkpr functions. Might be an idea to change that, though.
> >
> > Making sure I understand:
> >
> > blkdev_pr_read_keys() and blkdev_pr_read_reservation() in Linux
> > block/ioctl.c should be adjusted to allow not just BLK_OPEN_WRITE but
> > also BLK_OPEN_READ?
> >
> Yes.
>
> > I think it's okay from a security perspective: if the application can
> > already read the entire disk, then it's okay for it to read the keys and
> > reservation information. But I'm not 100% sure...
> >
> > In any case, I think this idea is orthogonal to the discussion about
> > DM-Multipath <linux/pr.h> support. In terms of permission requirements,
> > <linux/pr.h> already requires fewer permissions (just opening the block
> > device for write) today than libmpathpersist or ioctl(SG_IO). Or do you
> > see a scenario where the application wants to open the block device as
> > root (or CAP_SYS_RAWIO) but read-only, so requiring opening the device
> > with write permissions is a blocker?
> >
>
> My concern with opening the block device with BLK_OPEN_WRITE is that
> this will trigger udev to 'synthesize' (ie regenerate) an 'add' event
> on close, causing 'interesting' effects as this will cascade down
> through the udev rule chain, triggering blkid, partition scan, you
> name it.
> Horrible, horrible, horrible.
> Don't do it.
>
> Especially not as you are only interested in reading information,
> and not changing the disk state in any way.
I see. I will send patches to change blkdev_pr_read_keys()
blkdev_pr_read_reservation() to require only BLK_OPEN_READ.
Stefan
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next prev parent reply other threads:[~2026-02-09 14:23 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-01-27 18:47 Moving from qemu-pr-helper and libmpathpersist to <linux/pr.h> Stefan Hajnoczi
2026-01-27 19:45 ` Paolo Bonzini
2026-01-28 14:18 ` Stefan Hajnoczi
2026-01-28 15:30 ` Hannes Reinecke
2026-01-28 16:13 ` Stefan Hajnoczi
2026-01-27 21:06 ` Benjamin Marzinski
2026-02-03 15:09 ` Stefan Hajnoczi
2026-02-03 17:53 ` Benjamin Marzinski
2026-02-03 18:04 ` Stefan Hajnoczi
2026-02-04 13:19 ` Martin Wilck
2026-02-04 18:32 ` Stefan Hajnoczi
2026-02-04 23:57 ` Hannes Reinecke
2026-02-05 1:03 ` Benjamin Marzinski
2026-02-05 10:20 ` Martin Wilck
2026-02-05 11:52 ` Martin Wilck
2026-02-05 12:01 ` Daniel P. Berrangé
2026-02-05 13:39 ` Stefan Hajnoczi
2026-02-06 0:03 ` Hannes Reinecke
2026-02-06 14:08 ` Stefan Hajnoczi
2026-02-09 12:50 ` Hannes Reinecke
2026-02-09 14:23 ` Stefan Hajnoczi [this message]
2026-02-10 10:23 ` Martin Wilck
2026-02-10 13:59 ` Stefan Hajnoczi
2026-02-10 14:29 ` Martin Wilck
2026-02-05 14:28 ` Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260209142306.GA24854@fedora \
--to=stefanha@redhat.com \
--cc=afaria@redhat.com \
--cc=berrange@redhat.com \
--cc=bmarzins@redhat.com \
--cc=hare@suse.de \
--cc=kwolf@redhat.com \
--cc=mpatocka@redhat.com \
--cc=mwilck@suse.com \
--cc=pbonzini@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.