[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [Qemu-devel] [PATCH v4 0/7] file descriptor passing using pass-fd



On Mon, Jul 02, 2012 at 04:31:09PM -0600, Eric Blake wrote:
> On 07/02/2012 04:02 PM, Corey Bryant wrote:
> 
> > Here's another option that Kevin and I discussed today on IRC.  I've
> > modified a few minor details since the discussion. And Kevin please
> > correct me if anything is wrong.
> > 
> > Proposal Four: Pass a set of fds via 'pass-fds'.  The group of fds
> > should all refer to the same file, but may have different access flags
> > (ie. O_RDWR, O_RDONLY).  qemu_open can then dup the fd that has the
> > matching access mode flags.
> 
> But this means that libvirt has to open a file O_RDWR up front for any
> file that it _might_ need qemu to reopen later, and that qemu is now
> hanging on to 2 fds per fdset instead of 1 fd for the life of any client
> of the fdset.
> 
> I see no reason why libvirt can't pass in an O_RDWR fd when qemu only
> needs to use an O_RDONLY fd;

If libvirt has only granted read-only access to the file with sVirt, then
passing a O_RDWR file handle to QEMU will result in an SELinux denial,
even if QEMU doesn't try to do I/O on it. So this is out of the question.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]