Re: [libvirt] [PATCH 2/3] New 'permissive' attribute for hostdev
On Tue, Dec 22, 2009 at 10:04:16 +0000, Daniel P. Berrange wrote:
On Tue, Dec 22, 2009 at 10:51:15AM +0100, Daniel Veillard wrote:
> On Mon, Dec 21, 2009 at 07:09:08PM +0000, Daniel P. Berrange wrote:
> > On Mon, Dec 21, 2009 at 02:27:18PM +0100, Jiri Denemark wrote:
> > > When it is set to 'yes', some check whether a device is safe to
be
> > > assigned to a guest will be weakened.
> >
> > I think this is a rather ill-defined concept to be adding the guest XML,
> > since there are many checks done for assignment, and this is only impacting
> > one of them. Whether to allow a device beind a non-ACS enable switch to be
> > used in a VM has implications beyond just the one VM it is assigned to. Thus
> > is strikes me that the decision as to whether to allow use of devices behind
> > non-ACS switches should be a host level attribute. eg a config item in the
> > /etc/qemu/qemu.conf file
>
> Agreed, it's a Host PCI implementation issue, and this should be
> delt with in a host wide manner I think, a daemon setting, with the
> defaulting being on the safe side sounds the best to me.
I'm having second thoughts about even a host daemon setting. I really
think we ought to be doing full checking ourselves, even with whitelists
if needed.
OK, I understand. On the other hand, maintaining a whitelist of devices which
do not communicate directly with other devices is not a good idea. I guess a
good compromise between the two options could be a user configurable
whitelist. That is, instead of telling libvirt a PCI device can be really
assigned in guest's XML, one could tell this in one place for all such PCI
devices and it would affect all guests on that machine. What is the best place
for such a list?
Perhaps that was what you meant by the config item in /etc/qemu/qemu.conf :-)
Jirka