From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jianfeng.tan@intel.com>
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 by dpdk.org (Postfix) with ESMTP id EFA2F591F
 for <dev@dpdk.org>; Mon,  9 Nov 2015 06:15:29 +0100 (CET)
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by orsmga103.jf.intel.com with ESMTP; 08 Nov 2015 21:15:28 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.20,265,1444719600"; d="scan'208";a="681154651"
Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206])
 by orsmga003.jf.intel.com with ESMTP; 08 Nov 2015 21:15:26 -0800
Received: from fmsmsx154.amr.corp.intel.com (10.18.116.70) by
 FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Sun, 8 Nov 2015 21:15:26 -0800
Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by
 FMSMSX154.amr.corp.intel.com (10.18.116.70) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Sun, 8 Nov 2015 21:15:26 -0800
Received: from shsmsx152.ccr.corp.intel.com ([169.254.6.193]) by
 SHSMSX101.ccr.corp.intel.com ([169.254.1.83]) with mapi id 14.03.0248.002;
 Mon, 9 Nov 2015 13:15:24 +0800
From: "Tan, Jianfeng" <jianfeng.tan@intel.com>
To: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Thread-Topic: [dpdk-dev] [RFC 5/5] vhost/container: change mode of vhost
 listening socket
Thread-Index: AQHRGDL2a4PcA4sNmUenTE2BPNr7HJ6Sji4AgACYl0A=
Date: Mon, 9 Nov 2015 05:15:23 +0000
Message-ID: <ED26CBA2FAD1BF48A8719AEF02201E36639470@SHSMSX152.ccr.corp.intel.com>
References: <1446748276-132087-1-git-send-email-jianfeng.tan@intel.com>
 <1446748276-132087-6-git-send-email-jianfeng.tan@intel.com>
 <20151109035434.GG2326@yliu-dev.sh.intel.com>
In-Reply-To: <20151109035434.GG2326@yliu-dev.sh.intel.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "nakajima.yoshihiro@lab.ntt.co.jp" <nakajima.yoshihiro@lab.ntt.co.jp>,
 "zhbzg@huawei.com" <zhbzg@huawei.com>, "mst@redhat.com" <mst@redhat.com>,
 "dev@dpdk.org" <dev@dpdk.org>,
 "oscar.zhangbo@huawei.com" <oscar.zhangbo@huawei.com>,
 "gaoxiaoqiu@huawei.com" <gaoxiaoqiu@huawei.com>,
 "ann.zhuangyanying@huawei.com" <ann.zhuangyanying@huawei.com>,
 "zhoujingbin@huawei.com" <zhoujingbin@huawei.com>,
 "guohongzhen@huawei.com" <guohongzhen@huawei.com>
Subject: Re: [dpdk-dev] [RFC 5/5] vhost/container: change mode of vhost
 listening socket
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Nov 2015 05:15:30 -0000



> -----Original Message-----
> From: Yuanhan Liu [mailto:yuanhan.liu@linux.intel.com]
> Sent: Monday, November 9, 2015 11:55 AM
> To: Tan, Jianfeng
> Cc: dev@dpdk.org; nakajima.yoshihiro@lab.ntt.co.jp; zhbzg@huawei.com;
> mst@redhat.com; gaoxiaoqiu@huawei.com; oscar.zhangbo@huawei.com;
> ann.zhuangyanying@huawei.com; zhoujingbin@huawei.com;
> guohongzhen@huawei.com
> Subject: Re: [dpdk-dev] [RFC 5/5] vhost/container: change mode of vhost
> listening socket
>=20
> On Fri, Nov 06, 2015 at 02:31:16AM +0800, Jianfeng Tan wrote:
> > Change vhost listening socket mode so that users in groups and others
> > can connect to vhost listening socket.
> >
> > Signed-off-by: Huawei Xie <huawei.xie@intel.com>
> > Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
> > ---
> >  lib/librte_vhost/vhost_user/vhost-net-user.c | 5 +++++
> >  1 file changed, 5 insertions(+)
> >
> > diff --git a/lib/librte_vhost/vhost_user/vhost-net-user.c
> > b/lib/librte_vhost/vhost_user/vhost-net-user.c
> > index 2dc0547..7b24f7c 100644
> > --- a/lib/librte_vhost/vhost_user/vhost-net-user.c
> > +++ b/lib/librte_vhost/vhost_user/vhost-net-user.c
> > @@ -42,6 +42,7 @@
> >  #include <sys/un.h>
> >  #include <errno.h>
> >  #include <pthread.h>
> > +#include <sys/stat.h>
> >
> >  #include <rte_log.h>
> >  #include <rte_virtio_net.h>
> > @@ -137,6 +138,10 @@ uds_socket(const char *path)
> >  	if (ret =3D=3D -1)
> >  		goto err;
> >
> > +	ret =3D chmod(un.sun_path, 0666);
> > +	if (ret =3D=3D 0)
> > +		RTE_LOG(INFO, VHOST_CONFIG, "chmod 0666, ok\n");
>=20
> That doesn't seem right to me. Doing that kind of change in a libraray do=
esn't
> seem to be a good practice, don't even to say changing it to "0666" blind=
ly,
> which allows every body to access it.
>=20
> 	--yliu

Hi Yuanhan,

The original intention for this change is for the use case: use "root" to
start ovs-dpdk (or any other switch application), but use other users to
run some containers. Not with this change, other users cannot connect
to vhost listening socket.

This change is not necessary if using root to start a container. It's indee=
d
a question worth discussion: whether it's reasonable to allow everybody
to start a virtio device.

Thanks,
Jianfeng

>=20
> > +
> >  	return sockfd;
> >
> >  err:
> > --
> > 2.1.4