From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44298) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VhPJV-0006ir-NY for qemu-devel@nongnu.org; Fri, 15 Nov 2013 14:44:29 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VhPJL-00086P-JW for qemu-devel@nongnu.org; Fri, 15 Nov 2013 14:44:21 -0500 Received: from e39.co.us.ibm.com ([32.97.110.160]:44918) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VhPJL-00082o-CK for qemu-devel@nongnu.org; Fri, 15 Nov 2013 14:44:11 -0500 Received: from /spool/local by e39.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 15 Nov 2013 12:44:09 -0700 Received: from b01cxnp23033.gho.pok.ibm.com (b01cxnp23033.gho.pok.ibm.com [9.57.198.28]) by d01dlp03.pok.ibm.com (Postfix) with ESMTP id CD89BC90041 for ; Fri, 15 Nov 2013 14:44:04 -0500 (EST) Received: from d01av01.pok.ibm.com (d01av01.pok.ibm.com [9.56.224.215]) by b01cxnp23033.gho.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id rAFJi5vU3735944 for ; Fri, 15 Nov 2013 19:44:06 GMT Received: from d01av01.pok.ibm.com (localhost [127.0.0.1]) by d01av01.pok.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id rAFJi56E022680 for ; Fri, 15 Nov 2013 14:44:05 -0500 Message-ID: <52867985.2070605@linux.vnet.ibm.com> Date: Fri, 15 Nov 2013 14:44:05 -0500 From: "Michael R. Hines" MIME-Version: 1.0 References: <1383764354-10588-1-git-send-email-mrhines@linux.vnet.ibm.com> <20131115170612.GO28794@redhat.com> <52865C83.10202@linux.vnet.ibm.com> <5286752A.4010105@redhat.com> In-Reply-To: <5286752A.4010105@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH v3 for-1.7] rdma: rename 'x-rdma' => 'rdma' List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Eric Blake Cc: quintela@redhat.com, qemu-devel@nongnu.org, owasserm@redhat.com, onom@us.ibm.com, abali@us.ibm.com, mrhines@us.ibm.com, gokul@us.ibm.com, pbonzini@redhat.com, chegu_vinod@hp.com On 11/15/2013 02:25 PM, Eric Blake wrote: > On 11/15/2013 10:40 AM, Michael R. Hines wrote: >> This is unrelated to RDMA - accessing the /dev/infiniband >> device nodes is already supported by libvirt my modifying >> the configuration file in /etc and that works just fine. > http://wiki.qemu.org/Features/RDMALiveMigration states that you modify > the .conf file to expose /dev/infiniband/rdma_cm and friends. Are all > of these devices read/write accessible to non-root? Or is there going > to be a problem if using user="qemu" group="qemu"? (That is, merely > exposing the devices through cgroup device ACL checking may be > insufficient if you can't access the devices when not running root/root). Yes, non-root access is working just fine. Keep in mind that QEMU is no different than any other standard HPC application (like MPI programs) which perform RDMA operations. QEMU is simply another librdmacm/libibverbs user and it does not require any special privileges to the device files. > Libvirt can be patched so that the .conf file does not have to be edited > (ie. change the defaults so that if cgroup_device_acl is not present in > the conf file, the defaults could still let a domainaccess the > /dev/infiniband devices). > That would be quite nice! Shall I include that in the next version of my libvirt patch? - Michael