On 09/06/2012 07:51 PM, Geert Jansen wrote:

Hi,

i'm trying to pass through SCSI commands from a guest to a host. Both guest and host are RHEL 6.3. The relevant section in my XML is:

<devices> <disk type='block' device='lun'> <driver name='qemu' type='raw' cache='none'/> <source dev='/dev/sdb'/> <target dev='sdb' bus='scsi'/> <address type='drive' controller='0' bus='0' target='1' unit='0'/> </disk> <controller type='scsi' index='0' model='virtio-scsi'> <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/> </controller> ... </devices>

Commands that are whitelisted by the host kernel come through (e.g. "sg_inq"), but other commands don't (e.g. "sg_persist").

I need sg_persist so i tried making qemu-kvm setuid root. This works.

Is there a better way to allow arbitrary SCSI commands, perferably on a per-VM basis, rather than making qemu setuid root?

There is Paolo's suggestion to add cgroup filtering for sg_io: http://lwn.net/Articles/501742/ But it might had scared people as it got no response. Paolo, would you give it another shot? Cheers, Dor

Regards, Geert

-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list