On Mon, Jul 02, 2012 at 04:31:09PM -0600, Eric Blake wrote:
> On 07/02/2012 04:02 PM, Corey Bryant wrote:
>> Here's another option that Kevin and I discussed today on IRC. I've
>> modified a few minor details since the discussion. And Kevin please
>> correct me if anything is wrong.
>>
>> Proposal Four: Pass a set of fds via 'pass-fds'. The group of fds
>> should all refer to the same file, but may have different access flags
>> (i.e. O_RDWR, O_RDONLY). qemu_open can then dup the fd that has the
>> matching access mode flags.
>
> But this means that libvirt has to open a file O_RDWR up front for any
> file that it _might_ need qemu to reopen later, and that qemu is now
> hanging on to 2 fds per fdset instead of 1 fd for the life of any client
> of the fdset.
>
> I see no reason why libvirt can't pass in an O_RDWR fd when qemu only
> needs to use an O_RDONLY fd;

If libvirt has only granted read-only access to the file with sVirt, then
passing an O_RDWR file handle to QEMU will result in an SELinux denial,
even if QEMU doesn't try to do I/O on it. So this is out of the question.

Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
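
The fd-selection step of Proposal Four, sketched as an added example that is not part of this thread and is not QEMU or libvirt code. The helper name `fdset_dup_matching` and the `/dev/null` stand-in file are assumptions; the lookup refuses a request when the set holds no fd with the requested access mode, so a set that was only given an O_RDONLY fd can never yield a writable one.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for F_DUPFD_CLOEXEC */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical helper, not QEMU's qemu_open(): from a set of fds that all
 * refer to the same file, duplicate the one whose access mode equals the
 * access mode requested in `flags`. Returns the new fd, or -1 with
 * errno = EACCES when no member matches. A more privileged fd is never
 * substituted for a missing one. */
int fdset_dup_matching(const int *fds, size_t nfds, int flags)
{
    int want = flags & O_ACCMODE;
    for (size_t i = 0; i < nfds; i++) {
        int fl = fcntl(fds[i], F_GETFL);
        if (fl == -1)
            continue;                       /* closed or invalid fd */
        if ((fl & O_ACCMODE) == want)
            return fcntl(fds[i], F_DUPFD_CLOEXEC, 0);
    }
    errno = EACCES;
    return -1;
}

/* Constructed scenario: /dev/null stands in for the disk image.
 * Returns 0 when every lookup behaves as described. */
int demo(void)
{
    int ro = open("/dev/null", O_RDONLY);
    int rw = open("/dev/null", O_RDWR);
    if (ro < 0 || rw < 0)
        return -1;
    int both[] = { ro, rw }, only_ro[] = { ro };
    int a = fdset_dup_matching(both, 2, O_RDONLY);
    int b = fdset_dup_matching(both, 2, O_RDWR);
    int c = fdset_dup_matching(only_ro, 1, O_RDWR);   /* must be refused */
    int c_errno = errno;
    int ok = a >= 0 && (fcntl(a, F_GETFL) & O_ACCMODE) == O_RDONLY
          && b >= 0 && (fcntl(b, F_GETFL) & O_ACCMODE) == O_RDWR
          && c == -1 && c_errno == EACCES;
    close(a); close(b); close(ro); close(rw);
    return ok ? 0 : 1;
}

int main(void) { return demo(); }
```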