[ovs-dev] [PATCH v4 0/3] vhost-user: Add the ability to control ownership/permissions

Aaron Conole aconole at redhat.com
Sun Sep 4 14:33:46 UTC 2016


Sorry for the top-post and don't want to be a pest - ping?

Aaron Conole <aconole at redhat.com> writes:

> Currently, when using Open vSwitch with DPDK and qemu guests, the recommended
> method for joining the guests is via the dpdkvhostuser interface. This
> interface uses Unix Domain sockets to communicate. When these sockets are
> created, they inherit the permissions and ownership from the vswitchd process.
> This can lead to an undesirable state where the QEMU process cannot use the
> socket file until manual intervention is performed (via `chown` and/or `chmod`
> calls).
>
>
> This patchset gives the ability to set the permissions and ownership of all
> dpdkvhostuser sockets from the database, avoiding the manual intervention
> required to connect QEMU and OVS via DPDK.
>
>
> The first patch adds chmod and chown calls to lib, with unit tests.  The
> second patch adds a hardness amplification version as described in the
> paper "Portably Solving File TOCTTOU Races with Hardness Amplification"
> found at
> https://www.usenix.org/legacy/event/fast08/tech/full_papers/tsafrir/tsafrir_html/index.html,
> while the third patch hooks those calls into the
> netdev_dpdk_vhost_user_construct function, after the socket is created.
>
>
> Changes from v3:
> * Replaced patch 2/3 with hardness amplification version.  Retested on RHEL7
>   and validated the travis builds.
>
> Changes from v2:
> * Added a new 2nd patch to series for chmod/chown on already opened files.
>   There exist known implementations for other systems, including FreeBSD, but
>   only Linux is implemented.  ENOTSUP is set when these calls fail on non-Linux
>   systems.
>
> Aaron Conole (3):
>   chutil: introduce a new change-utils lib
>   chutil: Add hardness amplification versions of chmod/chown
>   netdev-dpdk: Support user-defined socket attribs
>


