From: Yuanhan Liu
Date: Fri, 24 Jun 2016 15:51:03 +0800
To: "Loftus, Ciara"
Cc: Aaron Conole, "dev@dpdk.org", "Xie, Huawei", Christian Ehrhardt
Subject: Re: [dpdk-dev] [RFC] librte_vhost: Add unix domain socket fd registration

On Fri, Jun 24, 2016 at 07:43:29AM +0000, Loftus, Ciara wrote:
> >
> > On Tue, Jun 21, 2016 at 09:15:03AM -0400, Aaron Conole wrote:
> > > Yuanhan Liu writes:
> > >
> > > > On Fri, Jun 17, 2016 at 11:32:36AM -0400, Aaron Conole wrote:
> > > >> Prior to this commit, the only way to add a vhost-user socket to the
> > > >> system is by relying on librte_vhost to open the unix domain socket and
> > > >> add it to the unix socket list. This is problematic for applications
> > > >> which would like to set the permissions,
> > > >
> > > > So, you want to address the issue raised by following patch?
> > > >
> > > > http://dpdk.org/dev/patchwork/patch/12222/
> > >
> > > That patch does try to address the issue, however - it has some
> > > problems. The biggest is a TOCTTOU issue when using chown. The way to
> > > solve that issue properly is different depending on which operating
> > > system is being used (for instance, FreeBSD doesn't honor
> > > fchown(), fchmod() on file descriptors). My solution is basically to
> > > punt that responsibility to the controlling application.
> > >
> > > > I would still like to stick to my proposal, that is to introduce a
> > > > new API to do the permission change at anytime, if we end up with
> > > > wanting to introduce a new API.
> > >
> > > I've spent a lot of time looking at the TOCTTOU problem, and I think
> > > that is a really hard problem to solve portably. Might be good to just
> > > start with the flexible mechanism here that lets the application
> > > developer satisfy their own needs.
> > >
> > > >> or applications which are not
> > > >> directly allowed to open sockets due to policy restrictions.
> > > >
> > > > Could you name a specific example?
> > >
> > > SELinux policy might require one application to open the socket, and
> > > pass it back via a dbus mechanism. I can't actually think of a concrete
> > > implemented case, so it may not be valid.
> > >
> > > > BTW, JFYI, since 16.07, DPDK supports client mode. It's QEMU (acting
> > > > as the server) that will create the socket file. I guess that would diminish
> > > > (or even avoid?) the permission pain that DPDK acting as server brings.
> > > > I doubt the API to do the permission change is really needed then.
> > >
> > > I wouldn't say it 'solves' the issue so much as hopes no one uses server
> > > mode in DPDK. I agree, for OvS, it could.
> >
> > Actually, I think I would (personally) suggest people to switch to DPDK
> > vhost-user client mode, for two good reasons:
> >
> > - it should solve the socket permission issue raised by you and Christian.
> >
> > - it has the "reconnect" feature since 16.07. Which means guest network
> >   will still work from a DPDK vhost-user restart/crash. DPDK vhost-user
> >   as server simply doesn't support that.
> >
> > And FYI, Loftus is doing the DPDK for OVS integration. Not quite sure
> > whether she put the client mode as the default mode though.
>
> Hi Yuanhan,

Hi Ciara,

Thanks for the note.

> I intend to keep the DPDK server-mode as the default. My reasoning is that not
> all users will have access to QEMU v2.7.0 initially. We will keep operating as before
> but have an option to switch to DPDK client mode,

And yes, good point.

> and then perhaps look at
> switching the default in a later release.

Also okay to me.

	--yliu
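
The application-owned alternative to the bind-then-chown/chmod sequence discussed in this thread, as an added example that is not code from DPDK or from the RFC: the application creates the vhost-user socket itself so that the final mode is already in effect when bind() creates the node, then keeps the fd to hand on. `open_vhost_socket`, `demo_socket_mode` and the temporary path are hypothetical names, and the umask behaviour shown is that of Linux.

```c
/* Added example: function names and paths are hypothetical, not DPDK's. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* Create a listening unix socket whose filesystem node carries `mode` from
 * the moment bind() creates it, leaving no window before a later chmod().
 * umask() is process-wide: call this before other threads are started. */
int open_vhost_socket(const char *path, mode_t mode)
{
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    if (strlen(path) >= sizeof(addr.sun_path)) { errno = ENAMETOOLONG; return -1; }
    strcpy(addr.sun_path, path);
    int fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return -1;

    mode_t old = umask(~mode & 0777);   /* mask out every bit not in mode */
    int rc = bind(fd, (struct sockaddr *)&addr, sizeof(addr));
    int saved = errno;
    umask(old);                         /* restore before any other work */

    if (rc < 0 || listen(fd, 1) < 0) {
        if (rc == 0) { saved = errno; unlink(path); }  /* listen() failed */
        close(fd);
        errno = saved;
        return -1;
    }
    return fd;   /* the application owns this fd and can pass it on */
}

/* Self-check: permission bits of a freshly created socket, or -1 on error. */
int demo_socket_mode(void)
{
    char dir[] = "/tmp/vhost-demo-XXXXXX", path[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;       /* private 0700 directory */
    snprintf(path, sizeof(path), "%s/vhost.sock", dir);
    int fd = open_vhost_socket(path, 0600);
    int mode = (fd >= 0 && stat(path, &st) == 0) ? (int)(st.st_mode & 0777) : -1;
    if (fd >= 0) close(fd);
    unlink(path);
    rmdir(dir);
    return mode;
}
int main(void) { printf("socket mode: %o\n", demo_socket_mode()); return 0; }
```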