From mboxrd@z Thu Jan 1 00:00:00 1970
From: Avi Kivity
Subject: Re: [PATCH v2] device-assignment: chmod the rom file before opening read/write
Date: Wed, 05 Jan 2011 17:14:55 +0200
Message-ID: <4D248AEF.3060201@redhat.com>
References: <20110104180649.23471.81148.stgit@s20.home> <20110104184516.28545.73442.stgit@s20.home> <4D24328D.8050104@redhat.com> <1294239442.14851.12.camel@x201>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Cc: kvm@vger.kernel.org, chrisw@redhat.com
To: Alex Williamson
Return-path:
Received: from mx1.redhat.com ([209.132.183.28]:39746 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751231Ab1AEPO7 (ORCPT ); Wed, 5 Jan 2011 10:14:59 -0500
Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id p05FEwnf028140 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 5 Jan 2011 10:14:58 -0500
In-Reply-To: <1294239442.14851.12.camel@x201>
Sender: kvm-owner@vger.kernel.org
List-ID:

On 01/05/2011 04:57 PM, Alex Williamson wrote:
> A valid argument. I think it could also be argued that the user is
> providing ownership of the file and writing to the file is part of the
> low level details of the sysfs rom file API and should be handled by the
> user of that API. We basically have 3 places we could put this:
>
>     A. kernel - Why is this file mode 0400 by default anyway if using
>        it requires write access? Set it to mode 0600 here by default.
>     B. libvirt - Already does chown, why not do chmod too? chmod and
>        restore here.
>     C. qemu - Owns file, chmod is trivial and part of the sysfs rom
>        file API? chmod around usage.
>

qemu might not actually own the file, just have rw permissions. Or it might own the file and selinux may prevent it from changing the permissions. Or it may die before the reverse chmod and leave things not as they were.

> I chose qemu because it seemed to have the least chance of side-effects
> and has the smallest usage window. Do you prefer libvirt or kernel?

No idea really. What's the kernel's motivation for keeping it ro? Sanity? I'd guess libvirt is the one to do it, but someone more familiar with device assignment / pci (you?) should weigh in on this.

-- 
error compiling committee.c: too many arguments to function
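
Added example, not part of the original message and not qemu or libvirt code: a C helper for option C ("chmod around usage") that makes the three failure cases raised in the reply visible to the caller. The helper name `open_rw_temp_chmod`, the `restored` out-parameter and the temp file standing in for the sysfs rom file are assumptions for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not qemu code): open `path` read/write, adding owner
 * rw bits only for the duration of open(). Returns an fd, or -1 with errno
 * set. *restored is 0 only if the original mode could not be put back. */
int open_rw_temp_chmod(const char *path, int *restored)
{
    struct stat st;
    int fd, saved_errno;

    *restored = 1;
    fd = open(path, O_RDWR);
    if (fd >= 0 || errno != EACCES)
        return fd;              /* already rw, or a failure chmod cannot fix */
    if (stat(path, &st) < 0)
        return -1;
    /* Case 1: caller is not the owner -> chmod fails with EPERM.
     * Case 2: an LSM such as SELinux may deny the change -> EACCES. */
    if (chmod(path, (st.st_mode & 07777) | S_IRUSR | S_IWUSR) < 0)
        return -1;
    fd = open(path, O_RDWR);
    saved_errno = errno;
    /* Mode bits are checked at open() time, so restore immediately: the
     * crash window (case 3) shrinks to these few lines, but is not zero. */
    if (chmod(path, st.st_mode & 07777) < 0)
        *restored = 0;
    errno = saved_errno;
    return fd;
}

int main(void)
{
    char tmpl[] = "/tmp/romXXXXXX";  /* constructed stand-in for a rom file */
    int restored, fd = mkstemp(tmpl);
    if (fd < 0) return 1;
    close(fd);
    chmod(tmpl, 0400);
    fd = open_rw_temp_chmod(tmpl, &restored);
    printf("fd=%d restored=%d\n", fd, restored);
    if (fd >= 0) close(fd);
    unlink(tmpl);
    return fd < 0;
}
```

The path-based `stat()`/`chmod()` pair is itself racy if another process can replace the file, which is one more reason to do the mode change in a single privileged place rather than in each consumer.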