From: Alex Williamson <alex.williamson@redhat.com>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: Avi Kivity <avi@redhat.com>, kvm@vger.kernel.org, chrisw@redhat.com
Subject: Re: [PATCH v2] device-assignment: chmod the rom file before opening read/write
Date: Wed, 05 Jan 2011 09:28:26 -0700 [thread overview]
Message-ID: <1294244906.14851.23.camel@x201> (raw)
In-Reply-To: <20110105152610.GI28620@redhat.com>
On Wed, 2011-01-05 at 15:26 +0000, Daniel P. Berrange wrote:
> On Wed, Jan 05, 2011 at 05:14:55PM +0200, Avi Kivity wrote:
> > On 01/05/2011 04:57 PM, Alex Williamson wrote:
> > >A valid argument. I think it could also be argued that the user is
> > >providing ownership of the file and writing to the file is part of the
> > >low level details of the sysfs rom file API and should be handled by the
> > >user of that API. We basically have 3 places we could put this:
> > >
> > > A. kernel - Why is this file mode 0400 by default anyway if using
> > > it requires write access? Set it to mode 0600 here by default.
> > > B. libvirt - Already does chown, why not do chmod too? chmod and
> > > restore here.
> > > C. qemu - Owns file, chmod is trivial and part of the sysfs rom
> > > file API? chmod around usage.
> > >
> >
> > qemu might not actually own the file, just have rw permissions. Or
> > it might own the file and selinux may prevent it from changing the
> > permissions. Or it may die before the reverse chmod and leave
> > things not as they were.
>
> Agreed, I don't think we can rely on QEMU being able to chmod() the
> file in general.
>
> >
> > >I chose qemu because it seemed to have the least chance of side-effects
> > >and has the smallest usage window. Do you prefer libvirt or kernel?
> >
> > No idea really. What's the kernel's motivation for keeping it ro? Sanity?
> >
> > I'd guess libvirt is the one to do it, but someone more familiar
> > with device assignment / pci (you?) should weigh in on this.
>
> I've no real objection to libvirt setting the 0600 permissions
> on it, if that's required for correct operation.
I'll try the kernel first, digging through history it looks more like a
kernel bug.
> BTW, what is the failure scenario seen when the file is 0400.
> I want to know how to diagnose/triage this if it gets reported
> by users in BZ...
Nothing terrible; on older versions the option ROM contents won't
contain the actual option rom, on newer versions, the ROM BAR doesn't
even get added when the fopen fails. Thanks,
Alex
next prev parent reply other threads:[~2011-01-05 16:28 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-04 18:07 [PATCH] device-assignment: chmod the rom file before opening read/write Alex Williamson
2011-01-04 18:30 ` Chris Wright
2011-01-04 18:36 ` Alex Williamson
2011-01-04 18:45 ` [PATCH v2] " Alex Williamson
2011-01-05 8:57 ` Avi Kivity
2011-01-05 14:57 ` Alex Williamson
2011-01-05 15:14 ` Avi Kivity
2011-01-05 15:26 ` Daniel P. Berrange
2011-01-05 16:28 ` Alex Williamson [this message]
2011-01-05 16:23 ` Alex Williamson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1294244906.14851.23.camel@x201 \
--to=alex.williamson@redhat.com \
--cc=avi@redhat.com \
--cc=berrange@redhat.com \
--cc=chrisw@redhat.com \
--cc=kvm@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox