From: "Daniel P. Berrange"
Subject: Re: [PATCH v2] device-assignment: chmod the rom file before opening read/write
Date: Wed, 5 Jan 2011 15:26:10 +0000
Message-ID: <20110105152610.GI28620@redhat.com>
References: <20110104180649.23471.81148.stgit@s20.home> <20110104184516.28545.73442.stgit@s20.home> <4D24328D.8050104@redhat.com> <1294239442.14851.12.camel@x201> <4D248AEF.3060201@redhat.com>
In-Reply-To: <4D248AEF.3060201@redhat.com>
To: Avi Kivity
Cc: Alex Williamson, kvm@vger.kernel.org, chrisw@redhat.com

On Wed, Jan 05, 2011 at 05:14:55PM +0200, Avi Kivity wrote:
> On 01/05/2011 04:57 PM, Alex Williamson wrote:
> >A valid argument. I think it could also be argued that the user is
> >providing ownership of the file and writing to the file is part of the
> >low level details of the sysfs rom file API and should be handled by the
> >user of that API. We basically have 3 places we could put this:
> >
> >     A. kernel - Why is this file mode 0400 by default anyway if using
> >        it requires write access? Set it to mode 0600 here by default.
> >     B. libvirt - Already does chown, why not do chmod too? chmod and
> >        restore here.
> >     C. qemu - Owns file, chmod is trivial and part of the sysfs rom
> >        file API? chmod around usage.
> >
>
> qemu might not actually own the file, just have rw permissions. Or
> it might own the file and selinux may prevent it from changing the
> permissions. Or it may die before the reverse chmod and leave
> things not as they were.

Agreed, I don't think we can rely on QEMU being able to chmod()
the file in general.

>
> >I chose qemu because it seemed to have the least chance of side-effects
> >and has the smallest usage window. Do you prefer libvirt or kernel?
>
> No idea really. What's the kernel's motivation for keeping it ro? Sanity?
>
> I'd guess libvirt is the one to do it, but someone more familiar
> with device assignment / pci (you?) should weigh in on this.

I've no real objection to libvirt setting the 0600 permissions
on it, if that's required for correct operation.

BTW, what is the failure scenario seen when the file is 0400. I
want to know how to diagnose/triage this if it gets reported by
users in BZ...

Regards,
Daniel
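The ownership cases raised in this thread can be told apart from the file's mode and owner alone. The sketch below is an added example, not code from QEMU, libvirt or any message in the thread; `struct rom_check` and `rom_check_dac()` are hypothetical names. It models only the classic owner/group/other bits and assumes nothing about SELinux policy, capabilities or supplementary groups.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical result type; not a QEMU or libvirt structure. */
struct rom_check {
    int rw_ok;      /* mode bits already grant read+write to this uid/gid */
    int can_chmod;  /* caller owns the file, so chmod() is not refused with EPERM */
};

/* Classic owner/group/other check only. Not modeled: uid 0 and capabilities,
 * supplementary groups, ACLs, and SELinux (which can still deny either call). */
struct rom_check rom_check_dac(mode_t mode, uid_t owner, gid_t group,
                               uid_t uid, gid_t gid)
{
    struct rom_check r;
    mode_t need;

    if (uid == owner)
        need = S_IRUSR | S_IWUSR;
    else if (gid == group)
        need = S_IRGRP | S_IWGRP;
    else
        need = S_IROTH | S_IWOTH;

    r.rw_ok = (mode & need) == need;   /* would open(O_RDWR) pass the mode check? */
    r.can_chmod = (uid == owner);      /* would a chmod-around-usage be permitted? */
    return r;
}

int main(int argc, char **argv)
{
    struct stat st;
    struct rom_check r;
    if (argc != 2) {
        fprintf(stderr, "usage: %s <rom file>\n", argv[0]);
        return 2;
    }
    if (stat(argv[1], &st) != 0) {
        perror(argv[1]);
        return 1;
    }
    r = rom_check_dac(st.st_mode, st.st_uid, st.st_gid, geteuid(), getegid());
    printf("mode %04o owner %u: rw_ok=%d can_chmod=%d\n",
           (unsigned)(st.st_mode & 07777), (unsigned)st.st_uid, r.rw_ok, r.can_chmod);
    return 0;
}
```

A result of `rw_ok=1 can_chmod=0` is the "just have rw permissions" case: an unconditional chmod() would fail even though opening the file read/write would have succeeded.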