Currently, when using Open vSwitch with DPDK and qemu guests, the recommended method for joining the guests is via the dpdkvhostuser interface. This interface uses Unix Domain sockets to communicate. When these sockets are created, they inherit the permissions and ownership from the vswitchd process. This can lead to an undesirable state where the QEMU process cannot use the socket file until manual intervention is performed (via `chown` and/or `chmod` calls).
This patchset gives the ability to set the permissions and ownership of all dpdkvhostuser sockets from the database, avoiding the manual intervention required to connect QEMU and OVS via DPDK.

The first patch adds chmod and chown calls to lib, with unit tests. The second patch adds a hardness amplification version as described in the paper "Portably Solving File TOCTTOU Races with Hardness Amplification" found at https://www.usenix.org/legacy/event/fast08/tech/full_papers/tsafrir/tsafrir_html/index.html, while the third patch hooks those calls into the netdev_dpdk_vhost_user_construct function, after the socket is created.

Changes from v3:
* Replaced patch 2/3 with hardness amplification version.
  Retested on RHEL7 and validated the travis builds.

Changes from v2:
* Added a new 2nd patch to series for chmod/chown on already opened files.
  There exist known implementations for other systems, including FreeBSD, but only linux is implemented. ENOTSUP is set when these calls fail on non-linux systems.

Aaron Conole (3):
  chutil: introduce a new change-utils lib
  chutil: Add hardness amplification versions of chmod/chown
  netdev-dpdk: Support user-defined socket attribs

 INSTALL.DPDK.md      |   8 +
 configure.ac         |   2 +-
 lib/automake.mk      |   2 +
 lib/chutil-unix.c    | 652 +++++++++++++++++++++++++++++++++++++++++++++++++++
 lib/chutil.h         |  36 +++
 lib/daemon-unix.c    | 149 +-----------
 lib/netdev-dpdk.c    |  37 +++
 tests/automake.mk    |   2 +
 tests/library.at     |   5 +
 tests/test-chutil.c  | 297 +++++++++++++++++++++++
 vswitchd/vswitch.xml |  23 ++
 11 files changed, 1068 insertions(+), 145 deletions(-)
 create mode 100644 lib/chutil-unix.c
 create mode 100644 lib/chutil.h
 create mode 100644 tests/test-chutil.c

-- 
2.5.5
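The cover letter describes a socket that inherits its mode from the creating process and is fixed up afterwards by path. The following added example (not code from this patchset, which uses hardness amplification instead) shows a different, Linux-only way to make that fix-up immune to the path being swapped between check and change: pin the inode with `O_PATH | O_NOFOLLOW`, verify it is a socket, then change it through `/proc/self/fd`. The names `sock_set_attrs` and `demo` and the `/tmp/vhost…` paths are hypothetical, and a mounted procfs is assumed.

```c
#define _GNU_SOURCE                 /* for O_PATH (Linux-only) */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>
#ifndef O_PATH                      /* headers read without _GNU_SOURCE */
#define O_PATH 010000000            /* asm-generic value (x86, arm, riscv) */
#endif

/* Hypothetical helper, not OVS code. Returns 0 or an errno; id -1 = keep. */
int sock_set_attrs(const char *path, mode_t mode, uid_t uid, gid_t gid)
{
    struct stat st;
    char proc[64];
    /* Pin the inode; a symlink in the last component opens as the link. */
    int err = 0, fd = open(path, O_PATH | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return errno;
    /* fchmod/fchown reject O_PATH fds; procfs link reaches the pinned inode. */
    snprintf(proc, sizeof proc, "/proc/self/fd/%d", fd);
    if (fstat(fd, &st) < 0) err = errno;
    else if (!S_ISSOCK(st.st_mode)) err = ENOTSOCK;
    else if (chown(proc, uid, gid) < 0 || chmod(proc, mode) < 0) err = errno;
    close(fd);
    return err;
}

/* Constructed demo: bind under umask 077, apply `mode`; final mode or -errno. */
int demo(mode_t mode, int via_symlink)
{
    char dir[] = "/tmp/vhostXXXXXX", lnk[64];
    struct sockaddr_un sa = { .sun_family = AF_UNIX };
    struct stat st;
    if (!mkdtemp(dir)) return -errno;
    snprintf(sa.sun_path, sizeof sa.sun_path, "%s/vhost0", dir);
    snprintf(lnk, sizeof lnk, "%s/link", dir);
    int s = socket(AF_UNIX, SOCK_STREAM, 0);
    mode_t old = umask(077);        /* stands in for the daemon's umask */
    int rc = (bind(s, (struct sockaddr *)&sa, sizeof sa) ||
              symlink("vhost0", lnk)) ? errno : 0;
    umask(old);
    if (!rc) rc = sock_set_attrs(via_symlink ? lnk : sa.sun_path, mode, -1, -1);
    if (!rc && lstat(sa.sun_path, &st) < 0) rc = errno;
    close(s); unlink(lnk); unlink(sa.sun_path); rmdir(dir);
    return rc ? -rc : (int)(st.st_mode & 07777);
}
int main(void) { printf("%o %d\n", demo(0660, 0), demo(0660, 1)); return 0; }
```

When the path names a symlink instead of the socket itself, the helper refuses with `ENOTSOCK` and the socket keeps the mode it was created with.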