Currently, when vhost-user server socket devices are created, they
inherit the running umask and uid/gid of the vswitchd process. This
leads to difficulties when using vhost_user consumers (such as qemu).

This patch introduces two new database entries, 'vhost-sock-owner' to
set the ownership, and 'vhost-sock-perms' to set the permission bits
for all vhost_user server sockets.

Signed-off-by: Aaron Conole <acon...@redhat.com>
---
v3->v4:
* Rebased on upstream, the dev->vhost_id had to move to dev->vhost_server_id

 INSTALL.DPDK.md      |  8 ++++++++
 lib/netdev-dpdk.c    | 37 +++++++++++++++++++++++++++++++++++++
 vswitchd/vswitch.xml | 23 +++++++++++++++++++++++
 3 files changed, 68 insertions(+)

diff --git a/INSTALL.DPDK.md b/INSTALL.DPDK.md
index 30e9258..93bc380 100644
--- a/INSTALL.DPDK.md
+++ b/INSTALL.DPDK.md
@@ -223,6 +223,14 @@ advanced install guide [INSTALL.DPDK-ADVANCED.md]
      * vhost-sock-dir
      Option to set the path to the vhost_user unix socket files.
 
+     * vhost-sock-owner
+     Option to set the file-system ownership of the vhost_user unix socket
+     files.
+
+     * vhost-sock-dir
+     Option to set the file-system permissions of the vhost_user unix socket
+     files.
+
      NOTE: Changing any of these options requires restarting the ovs-vswitchd
      application.
 
diff --git a/lib/netdev-dpdk.c b/lib/netdev-dpdk.c
index 6d334db..6cac2ea 100644
--- a/lib/netdev-dpdk.c
+++ b/lib/netdev-dpdk.c
@@ -31,6 +31,7 @@
 #include <sys/stat.h>
 #include <getopt.h>
 
+#include "chutil.h"
 #include "dirs.h"
 #include "dp-packet.h"
 #include "dpif-netdev.h"
@@ -141,6 +142,10 @@ BUILD_ASSERT_DECL((MAX_NB_MBUF / 
ROUND_DOWN_POW2(MAX_NB_MBUF/MIN_NB_MBUF))
                                           * yet mapped to another queue. */
 
 static char *vhost_sock_dir = NULL;   /* Location of vhost-user sockets */
+static char *vhost_sock_def_owner = NULL; /* Default owner of vhost-user
+                                           * sockets */
+static char *vhost_sock_def_perms = NULL; /* Default permissions of
+                                           * vhost-user sockets */
 
 #define VHOST_ENQ_RETRY_NUM 8
 #define IF_NAME_SZ (PATH_MAX > IFNAMSIZ ? PATH_MAX : IFNAMSIZ)
@@ -889,6 +894,30 @@ get_vhost_id(struct netdev_dpdk *dev)
 }
 
 static int
+vhost_set_permissions(struct netdev_dpdk *dev) OVS_REQUIRES(dpdk_mutex)
+{
+    int err = 0;
+
+    /* ovs_kchown and ovs_kchmod are robust enough to deal with null or
+     * empty strings.  However, since they have the potential to race,
+     * only attempt them if the user actually requested a change. */
+
+    if (vhost_sock_def_owner &&
+        (err = ovs_kchown(dev->vhost_server_id, vhost_sock_def_owner))) {
+        VLOG_ERR("dpdk: vhost-user socket (%s) ownership change failed (%s).",
+                 dev->vhost_server_id, ovs_strerror(err));
+    }
+
+    if (!err && vhost_sock_def_perms &&
+        (err = ovs_kchmod(dev->vhost_server_id, vhost_sock_def_perms))) {
+        VLOG_ERR("dpdk: vhost-user socket (%s) permissions failed (%s).",
+                 dev->vhost_server_id, ovs_strerror(err));
+    }
+    return err;
+}
+
+
+static int
 netdev_dpdk_vhost_construct(struct netdev *netdev)
 {
     struct netdev_dpdk *dev = netdev_dpdk_cast(netdev);
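Review bot: In vhost_set_permissions the socket already exists with the umask and uid/gid inherited from vswitchd before ovs_kchown/ovs_kchmod run, so it is reachable with the inherited mode until they complete, and both calls act by path on whatever is at dev->vhost_server_id at that moment. The in-code comment mentions the race but not what the operator must guarantee, and how ovs_kchown resolves the path is not visible here. I would extend the comment, e.g. `/* The socket directory must be writable only by the OVS user, since these calls operate on the path after the socket was created. */`. The second log message reads "permissions failed"; `permissions change failed` would match the ownership message.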
@@ -932,10 +961,14 @@ netdev_dpdk_vhost_construct(struct netdev *netdev)
         err = netdev_dpdk_init(netdev, -1, DPDK_DEV_VHOST);
     }
 
+    if (!err) {
+        err = vhost_set_permissions(dev);
+    }
     ovs_mutex_unlock(&dpdk_mutex);
     return err;
 }
 
+
 static int
 netdev_dpdk_construct(struct netdev *netdev)
 {
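Review bot: When vhost_set_permissions() fails, netdev_dpdk_vhost_construct returns err, but nothing in this hunk undoes what was already set up, so the socket may stay on disk with the inherited owner and mode while port creation reports failure. The earlier part of the function is outside the hunk; if it registers the vhost socket before this point, the failure branch should unregister it and release what netdev_dpdk_init set up, so a failed permission change does not leave a usable socket with looser permissions than requested. The blank line added before netdev_dpdk_construct is an unrelated whitespace change and could be dropped.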
@@ -3363,6 +3396,10 @@ dpdk_init__(const struct smap *ovs_other_config)
     } else {
         vhost_sock_dir = sock_dir_subcomponent;
     }
+    process_vhost_flags("vhost-sock-owner", NULL, NAME_MAX, ovs_other_config,
+                        &vhost_sock_def_owner);
+    process_vhost_flags("vhost-sock-perms", NULL, NAME_MAX, ovs_other_config,
+                        &vhost_sock_def_perms);
 
     argv = grow_argv(&argv, 0, 1);
     argc = 1;
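Review bot: Both values are stored unvalidated here in dpdk_init__ and are first interpreted when a vhost-user port is constructed, so a malformed vhost-sock-perms or an unknown owner surfaces only later as a port-construction failure. Validating them at init, or logging the effective values once, would make a misconfiguration visible at startup; at minimum a comment such as `/* Interpreted by ovs_kchown()/ovs_kchmod() when each socket is created. */` would document the current behaviour. These calls pass NULL as the default, and process_vhost_flags is outside the hunk, so please confirm it does not format the default with `%s` when the key is absent. dpdk_init__ continues outside the hunk.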
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index 69b5592..257edd8 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -299,6 +299,29 @@
         </p>
       </column>
 
+      <column name="other_config" key="vhost-sock-owner"
+              type='{"type": "string"}'>
+        <p>
+          Specifies the owner of the vhost-user unix domain socket files.
+        </p>
+        <p>
+          The default is to inherit from the running user and group id's. The
+          argument is specified in the same form as the 'chown' unix utility.
+        </p>
+      </column>
+
+      <column name="other_config" key="vhost-sock-perms"
+              type='{"type": "string"}'>
+        <p>
+          Specifies the permissions for the vhost-user unix domain socket
+          files.
+        </p>
+        <p>
+          The default is derived from the running mask. The argument is
+          specified in the same form as the 'chmod' unix utility.
+        </p>
+      </column>
+
       <column name="other_config" key="n-handler-threads"
               type='{"type": "integer", "minInteger": 1}'>
         <p>
-- 
2.5.5
