[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[libvirt] CAP_SYS_RAWIO missing for qemu-kvm device passthrough


I'm running current git libvirt on Fedora 13 beta. I enabled the use of 
libcap-ng as it is done in the regular F13 .spec.

When I now pass a pci card through to a qemu-kvm guest using vt-d I get this 
error from qemu-kvm:

Failed to assign irq for "hostdev0": Operation not permitted
Perhaps you are assigning a device that shares an IRQ with another device?

I'm running qemu-kvm as root. But that doesn't seem to be enough:

I traced the issue down to a missing CAP_SYS_RAWIO.The kvm kernel module 
requires CAP_SYS_RAWIO to use the KVM_ASSIGN_DEV_IRQ ioctl.

When I remove the capability-dropping from libvirt like this everything works 
as expected:

--- libvirt/src/qemu/qemu_driver.c        2010-05-13 22:50:13.000000000 +0200
+++ libvirt.new/src/qemu/qemu_driver.c    2010-05-13 23:18:49.286311290 +0200
@@ -3359,7 +3359,7 @@
     ret = virExecDaemonize(argv, progenv, &keepfd, &child,
                            stdin_fd, &logfile, &logfile,
-                           VIR_EXEC_NONBLOCK | VIR_EXEC_CLEAR_CAPS,
+                           VIR_EXEC_NONBLOCK,
                            qemudSecurityHook, &hookData,

Is there a better solution to get device passthrough to work?

Kind regards,


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]