[ovs-dev] [PATCH v3 0/3] vhost-user: Add the ability to control ownership/permissions
Aaron Conole
aconole at bytheb.org
Fri Aug 12 01:53:50 UTC 2016
Ben Pfaff <blp at ovn.org> writes:
> On Thu, Aug 11, 2016 at 01:00:21PM -0400, Aaron Conole wrote:
>> Ben Pfaff <blp at ovn.org> writes:
>> > Neither of those is a simple "return server->listen_fd;" function. Any
>> > chance that would be accepted? It would solve the problem just fine.
>>
>> I don't know, but I'll outline my plans, and if you agree, then I'll
>> put them into action.
>>
>> First, I'll drop patch 2/3.
>>
>> Second, I'll take your suggestion below, and implement it in the
>> netdev-dpdk area (as part of "patch 3/3", which will become 2/2).
>>
>> I'll submit the above by mid-day Friday, tested.
>>
>> Third, I'll cook up the DPDK server socket fd patch, and try to get that
>> part of a future DPDK release. If accepted, then when OvS ports to that
>> release, I will submit a patch removing your suggestion, and using the
>> file descriptor instead (or whatever becomes of it).
>>
>> If this sounds acceptable, I'll start in on it ASAP.
>
> This sounds good (well, acceptable) to me.
>
>> >> If you think that patch 2/3 is that maloderous that it cannot be
>> >> accepted, then there will always probably be this kind of disjointed
>> >> file-system permissions gap for vhost-user server mode interfaces.
>> >> Unless you have a better suggestion - I'm all ears then :)
>> >
>> > I do have one suggestion. Something like this:
>> >
>> > for (int i = 0; i < 10; i++) {
>> > /* Find the first available file descriptor, then close it. */
>> > int fd = socket(...);
>> > close(fd);
>> >
>> > /* Create server socket. */
>> > server = dpdk_create_server_socket(filename, ...);
>> >
>> > /* Check that fd is the new server socket fd.
>> > * This is normally true unless some other thread created a fd
>> > * concurrently. */
>> > struct stat s;
>> > struct sockaddr_un sun;
>> > socklen_t sun_len = sizeof sun;
>> > if (!stat(fd, &s) && S_ISSOCK(s.st_mode) &&
>> > getsockname(fd, &sun, &sun_len) && !strcmp(filename, sun.sun_path)) {
>> > /* Yay, we found the fd. */
>> > return success;
>> > }
>> >
>> > /* Race. Try again. */
>> > dpdk_close_server_socket(server);
>> > }
>>
>> Thanks, Ben. I am not opposed to going with this approach.
>> Unfortunately, there are no truly good solutions I see here at
>> the moment.
>
> I'm not super-happy with my idea either, honestly. We are faced with a
> choice of several bad solutions.
I've been working on a better solution - it occurred to me that since
this is being done for linux-only anyway, I might as well do this with
systemd. I can get almost everything done with no C code changes, thus
far. Once I figure out one last permission bit, I will package it up
nicely and ask Flavio and Russell to review. I didn't want to abandon
the fchmod/fchown code, but I'd rather have a solution that doesn't *feel*
hokey. I hope I can get it in time for 2.6, but if not - c'est la vie.
My system has been having lots of problems today.
-Aaron
More information about the dev
mailing list