From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41040) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VhP1X-00032J-PW for qemu-devel@nongnu.org; Fri, 15 Nov 2013 14:25:52 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VhP1T-0000hN-Eu for qemu-devel@nongnu.org; Fri, 15 Nov 2013 14:25:47 -0500 Received: from mx1.redhat.com ([209.132.183.28]:53949) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VhP1T-0000gW-42 for qemu-devel@nongnu.org; Fri, 15 Nov 2013 14:25:43 -0500 Message-ID: <5286752A.4010105@redhat.com> Date: Fri, 15 Nov 2013 12:25:30 -0700 From: Eric Blake MIME-Version: 1.0 References: <1383764354-10588-1-git-send-email-mrhines@linux.vnet.ibm.com> <20131115170612.GO28794@redhat.com> <52865C83.10202@linux.vnet.ibm.com> In-Reply-To: <52865C83.10202@linux.vnet.ibm.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="BRQBjLRMH1muPM1AfCAvO2C22lTQQSpnU" Subject: Re: [Qemu-devel] [PATCH v3 for-1.7] rdma: rename 'x-rdma' => 'rdma' List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Michael R. Hines" , "Daniel P. Berrange" Cc: quintela@redhat.com, qemu-devel@nongnu.org, owasserm@redhat.com, onom@us.ibm.com, abali@us.ibm.com, mrhines@us.ibm.com, gokul@us.ibm.com, pbonzini@redhat.com, chegu_vinod@hp.com This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --BRQBjLRMH1muPM1AfCAvO2C22lTQQSpnU Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 11/15/2013 10:40 AM, Michael R. Hines wrote: >=20 > This is unrelated to RDMA - accessing the /dev/infiniband > device nodes is already supported by libvirt my modifying > the configuration file in /etc and that works just fine. http://wiki.qemu.org/Features/RDMALiveMigration states that you modify the .conf file to expose /dev/infiniband/rdma_cm and friends. Are all of these devices read/write accessible to non-root? Or is there going to be a problem if using user=3D"qemu" group=3D"qemu"? (That is, merely exposing the devices through cgroup device ACL checking may be insufficient if you can't access the devices when not running root/root).= Libvirt can be patched so that the .conf file does not have to be edited (ie. change the defaults so that if cgroup_device_acl is not present in the conf file, the defaults could still let a domainaccess the /dev/infiniband devices). --=20 Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org --BRQBjLRMH1muPM1AfCAvO2C22lTQQSpnU Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Public key at http://people.redhat.com/eblake/eblake.gpg Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBCAAGBQJShnUrAAoJEKeha0olJ0NqEK0IAKlxsJtAmwZ49XwaiKk+oDBE MhzuHfw1e0URRq4jBiey1HBeIKE/+zmjgiLdNXySgMnU8AT0VGWRgcEEU1UqedVc GqA8cMqcc2rZbcZBnXbEX4//TeIpL8sXSwFC8T5MKfviI4ip2nU1Bp4ygANLv45T fPVIKOhDwnx1MSIPzEVyF+7VHSWlABdA6ovbvRh46L7QXJaCCQBzpaNs797lPfMo YlNQk1eK4yF6sK6wTF41v1bIe9dB5Sqw6GKiQU1iIfRTAS2gLqCjZ3ufeLX/aINF e+fw9/DvJlGysHPmPHvYyBFurh1BQB9LRLLnWkzb8sZBmEnEZ42AdZX/296IGmA= =vqwn -----END PGP SIGNATURE----- --BRQBjLRMH1muPM1AfCAvO2C22lTQQSpnU--