[ovs-dev] [PATCH v3 0/3] vhost-user: Add the ability to control ownership/permissions

Aaron Conole aconole at bytheb.org
Fri Aug 12 01:53:50 UTC 2016


Ben Pfaff <blp at ovn.org> writes:

> On Thu, Aug 11, 2016 at 01:00:21PM -0400, Aaron Conole wrote:
>> Ben Pfaff <blp at ovn.org> writes:
>> > Neither of those is a simple "return server->listen_fd;" function.  Any
>> > chance that would be accepted?  It would solve the problem just fine.
>> 
>> I don't know, but I'll outline my plans, and if you agree, then I'll
>> put them into action.
>> 
>> First, I'll drop patch 2/3.
>> 
>> Second, I'll take your suggestion below, and implement it in the
>> netdev-dpdk area (as part of "patch 3/3", which will become 2/2).
>> 
>> I'll submit the above by mid-day Friday, tested.
>> 
>> Third, I'll cook up the DPDK server socket fd patch, and try to get that
>> part of a future DPDK release.  If accepted, then when OvS ports to that
>> release, I will submit a patch removing your suggestion, and using the
>> file descriptor instead (or whatever becomes of it).
>> 
>> If this sounds acceptable, I'll start in on it ASAP.
>
> This sounds good (well, acceptable) to me.
>
>> >> If you think that patch 2/3 is that maloderous that it cannot be
>> >> accepted, then there will always probably be this kind of disjointed
>> >> file-system permissions gap for vhost-user server mode interfaces.
>> >> Unless you have a better suggestion - I'm all ears then :)
>> >
>> > I do have one suggestion.  Something like this:
>> >
>> > for (int i = 0; i < 10; i++) {
>> >     /* Find the first available file descriptor, then close it. */
>> >     int fd = socket(...);
>> >     close(fd);
>> >
>> >     /* Create server socket. */
>> >     server = dpdk_create_server_socket(filename, ...);
>> >
>> >     /* Check that fd is the new server socket fd.
>> >      * This is normally true unless some other thread created a fd
>> >      * concurrently. */
>> >     struct stat s;
>> >     struct sockaddr_un sun;
>> >     socklen_t sun_len = sizeof sun;
>> >     if (!stat(fd, &s) && S_ISSOCK(s.st_mode) &&
>> >         getsockname(fd, &sun, &sun_len) && !strcmp(filename, sun.sun_path)) {
>> >         /* Yay, we found the fd. */
>> >         return success;
>> >     }
>> >
>> >     /* Race.  Try again. */
>> >     dpdk_close_server_socket(server);
>> > }
>> 
>> Thanks, Ben.  I am not opposed to going with this approach.
>> Unfortunately, there are no truly good solutions I see here at
>> the moment.
>
> I'm not super-happy with my idea either, honestly.  We are faced with a
> choice of several bad solutions.

I've been working on a better solution - it occurred to me that since
this is being done for linux-only anyway, I might as well do this with
systemd.  I can get almost everything done with no C code changes, thus
far.  Once I figure out one last permission bit, I will package it up
nicely and ask Flavio and Russell to review.  I didn't want to abandon
the fchmod/fchown code, but I'd rather have a solution that doesn't *feel*
hokey.  I hope I can get it in time for 2.6, but if not - c'est la vie.
My system has been having lots of problems today.

-Aaron



More information about the dev mailing list