From: "Daniel P. Berrange" <berrange@redhat.com>
To: mrhines@linux.vnet.ibm.com
Cc: quintela@redhat.com, qemu-devel@nongnu.org, owasserm@redhat.com,
onom@us.ibm.com, abali@us.ibm.com, mrhines@us.ibm.com,
gokul@us.ibm.com, pbonzini@redhat.com, chegu_vinod@hp.com
Subject: Re: [Qemu-devel] [PATCH v3 for-1.7] rdma: rename 'x-rdma' => 'rdma'
Date: Fri, 15 Nov 2013 17:06:12 +0000 [thread overview]
Message-ID: <20131115170612.GO28794@redhat.com> (raw)
In-Reply-To: <1383764354-10588-1-git-send-email-mrhines@linux.vnet.ibm.com>
On Wed, Nov 06, 2013 at 01:59:14PM -0500, mrhines@linux.vnet.ibm.com wrote:
> From: "Michael R. Hines" <mrhines@us.ibm.com>
>
> As far as we can tell, all known bugs have been fixed:
[snip]
> 3. Libvirt patches are ready
[snip]
> Objections?
There was a first round of patches posted to the libvirt list back
in July, but those were rejected since QEMU side was still in flux.
More seriously though, from discussions at the KVM Forum it sounds
like there is a significant problem in actually using the RDMA
code. Unfortunately I can't remember who I was talking with about
it, but I was told that it requires the QEMU process to run as root
in order to talk to some of the kernel interfaces, and requires
manual updates to the cgroups device ACL to allow QEMU access to
some RMDA related device nodes.
For this to be supportable in libvirt, we need this to work when
QEMU is running as an unprivileged user/group ID. If access to
any privileged resources is required, then there needs to be a
way to get privilege separation. Either libvirtd would need to
change file ownership to grant QEMU access to resources, or
libvirtd would need to open the resources & pass a FD across to
QEMU. Running QEMU as root is a non-starter.
I don't recall any new version of the patches being posted since
then to address this problem, so from the libvirt POV I don't
think this is ready, unelss I was mis-informed about this permission
problem.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
next prev parent reply other threads:[~2013-11-15 17:06 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-06 18:59 [Qemu-devel] [PATCH v3 for-1.7] rdma: rename 'x-rdma' => 'rdma' mrhines
2013-11-06 19:04 ` Eric Blake
2013-11-15 17:06 ` Daniel P. Berrange [this message]
2013-11-15 17:40 ` Michael R. Hines
2013-11-15 19:25 ` Eric Blake
2013-11-15 19:44 ` Michael R. Hines
2013-11-15 19:49 ` Eric Blake
2013-11-16 10:32 ` Daniel P. Berrange
2013-11-22 16:50 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131115170612.GO28794@redhat.com \
--to=berrange@redhat.com \
--cc=abali@us.ibm.com \
--cc=chegu_vinod@hp.com \
--cc=gokul@us.ibm.com \
--cc=mrhines@linux.vnet.ibm.com \
--cc=mrhines@us.ibm.com \
--cc=onom@us.ibm.com \
--cc=owasserm@redhat.com \
--cc=pbonzini@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).