From mboxrd@z Thu Jan  1 00:00:00 1970
From: Masaki Kimura <masaki.kimura.kz@hitachi.com>
Subject: Re: Re: Oracle RAC in libvirt+KVM environment
Date: Tue, 27 Aug 2013 19:29:57 +0900
Message-ID: <521C7FA5.5040401@hitachi.com>
References: <CAH+8FswZaiuGJc8ZbwUgCHK8jXX1J+P7OadkP7KJOcbZXz3csA@mail.gmail.com> <20130814140232.GC28039@stefanha-thinkpad.redhat.com> <CAH+8FszswmoLg+4uj4gW8wuwJfTZvYTUbxHY=3du-R=hGeUiSw@mail.gmail.com> <5211FD0D.5040409@redhat.com> <CAH+8FswJLUcXg4i7dO-wa7cKK3ompEQX+78U14R2tFX7gNm3xg@mail.gmail.com> <521329D3.8030907@redhat.com> <CAH+8FszeD1Ss4FhugM0=UzktxukHc+k_ju5i34DZG=KJa9F5PA@mail.gmail.com> <521341EA.4010404@redhat.com> <CAH+8FswZd_VNr5QCOMssUtTc+=apWWgxUyfxxO8U6akJduXVBA@mail.gmail.com> <521349B0.60103@redhat.com> <CAH+8FswwFVd_-4gTkukKGwsguBfTWWe+ABy0i3ZSwSx+804A2w@mail.gmail.com> <52135C67.20202@redhat.com> <CAH+8FsxeCPJHe-HgJVGs3vz3NtQjiUp+u6rijW0+QkZh+g7ADg@mail.gmail.com> <521483D1.7040803@redhat.com> <1377078058.32763.37.camel@haakon3.risingtidesystems.com> <CAH+8FszkWDEhEZm
 vcZDqw+JE=j8JJQWhVx=g9v=8XNiM4b2S8w@mail.gmail.com> <5215D3AE.7050409@redhat.com> <CAH+8Fsy_-udtSKrc27kii-KPSEF0BE5Md8gdGNO7eF=gG7D9hg@mail.gmail.com>
Reply-To: masaki.kimura.kz@hitachi.com
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: Paolo Bonzini <pbonzini@redhat.com>,
	"Nicholas A. Bellinger" <nab@linux-iscsi.org>,
	Stefan Hajnoczi <stefanha@gmail.com>,
	Don Koch <dkoch@verizon.com>,
	libvirt-users <libvirt-users@redhat.com>, kvm@vger.kernel.org
To: Timon Wang <timonwst@gmail.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mailxx.hitachi.co.jp ([133.145.228.50]:41765 "EHLO
	mailxx.hitachi.co.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1752847Ab3H0KcP (ORCPT <rfc822;kvm@vger.kernel.org>);
	Tue, 27 Aug 2013 06:32:15 -0400
In-Reply-To: <CAH+8Fsy_-udtSKrc27kii-KPSEF0BE5Md8gdGNO7eF=gG7D9hg@mail.gmail.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

>> I found that scsicmd can't pass all the scsi3_test but the result of
>> sg_inq is the same as it in the host.
>>
>> I am absolutely confused about this situation. Am I missed some
>> information about it?

I guess this is caused by the lack of capability.
Please check if enough capability was added to kvm process by the following 
steps. 

  1. Check the pid of kvm process.
     # ps -C qemu-system-x86_64 -o pid=
      5177
  2. Check the capability for the process.
     # getpcaps 5177
     Capabilities for `5177': = cap_sys_rawio+i

In my fedora19 environment, as seen in above, only cap_sys_rawio+i was added
with rawio='yes'. Even though, cap_sys_rawio+ep is required to pass-through 
SCSI Reservation from the guest. 

Note that I succeeded to pass-through SCSI Reservation with the following steps
in my environment, not a Windows guest though.

  1. Stop the guest.
  2. Add CAP_SYS_RAWIO(effective, permitted) to qemu-kvm.
     # setcap cap_sys_rawio=ep /usr/bin/qemu-system-x86_64
  3. Start the guest.

However, I don't think this is the right way to workaround it, because it 
gives cap_sys_rawio+ep to all the kvm processes executed from this binary.

I believe following patches, which are not merged yet, are trying to solve 
this problem in a different approach.
     - [PATCH v3 part2] Add per-device sysfs knob to enable unrestricted, 
      unprivileged SG_IO
      https://lkml.org/lkml/2013/5/23/294
    - [RFC PATCH 0/4] SG_IO filtering via sysfs and minimal whitelist
      https://lkml.org/lkml/2013/5/27/230


Any comments on this?


Masaki