From: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
To: Ian Campbell <ian.campbell@citrix.com>
Cc: Wei Liu <wei.liu2@citrix.com>,
xen-devel@lists.xensource.com,
Ian Jackson <Ian.Jackson@eu.citrix.com>,
Stefano Stabellini <stefano.stabellini@eu.citrix.com>
Subject: Re: [PATCH] QEMU as non-root and PCI passthrough do not mix
Date: Thu, 14 Jan 2016 17:32:19 +0000 [thread overview]
Message-ID: <alpine.DEB.2.02.1601141620260.16178@kaball.uk.xensource.com> (raw)
In-Reply-To: <1452767992.2185.16.camel@citrix.com>
[-- Attachment #1: Type: text/plain, Size: 4003 bytes --]
On Thu, 14 Jan 2016, Ian Campbell wrote:
> On Tue, 2016-01-12 at 16:52 +0000, Stefano Stabellini wrote:
> > PCI passthrough cannot work if QEMU is run as a non-root process today,
> > as QEMU needs to open /dev/mem to mmap the MSI-X table of the device and
> > read/write relevant nodes on sysfs.
> >
> > Update the docs to reflect that.
> >
> > Run QEMU as root and print a warning if at least one PCI device has been
> > assigned to the guest at domain creation. Print a debug message on pci
> > hotplug.
> >
> > Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
> >
> > diff --git a/docs/misc/qemu-deprivilege.txt b/docs/misc/qemu-
> > deprivilege.txt
> > index dde74ab..cf52547 100644
> > --- a/docs/misc/qemu-deprivilege.txt
> > +++ b/docs/misc/qemu-deprivilege.txt
> > @@ -29,3 +29,13 @@ adduser --no-create-home --system xen-qemuuser-shared
> >
> > 3) root
> > As a last resort, libxl will start QEMU as root.
> > +
> > +
> > +Please note that QEMU will still be run as root when PCI devices are
> > +assigned to the virtual machine (if you specified pci=["$PCI_BDF"] in
> > +your VM config file, where $PCI_BDF is the PCI BDF of the device you
> > +want to assign). If you want to hotplug a PCI device sometime after the
> > +VM has started, you need to make sure that the QEMU instance of that VM
> > +has root privileges (for example by not specifying either
> > +xen-qemuuser-shared or xen-qemuuser-domid$domid, or by giving root
> > +privileges to xen-qemuuser-domid$domid).
> > diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c
> > index 0aaefd9..6b98750 100644
> > --- a/tools/libxl/libxl_dm.c
> > +++ b/tools/libxl/libxl_dm.c
> > @@ -1254,6 +1254,12 @@ static int
> > libxl__build_device_model_args_new(libxl__gc *gc,
> > break;
> > }
> >
> > + /* Do not run QEMU as non-root if PCI devices are assigned */
> > + if (guest_config->num_pcidevs > 0) {
> > + LOG(WARN, "Cannot run QEMU as non-root when PCI devices are
> > being assigned to the guest VM");
> > + goto end_search;
> > + }
>
> What if b_info->device_model_user is NULL or == "root"? Doesn't this warn
> even then?
I meant to warn even if device_model_user is NULL because it is the
default and I think it is fair to inform the user about this. But I
think you are right that we don't want to warn if device_model_user is
specified as "root".
> Conversely if it is != root and num_pcidevs > 0 then it ought to error out,
> since running as root when the config explicitly says otherwise would be
> wrong I think.
OK, I'll error out in that case.
> > +
> > if (b_info->device_model_user) {
> > user = b_info->device_model_user;
> > goto end_search;
> > diff --git a/tools/libxl/libxl_pci.c b/tools/libxl/libxl_pci.c
> > index dc10cb7..04d0dd4 100644
> > --- a/tools/libxl/libxl_pci.c
> > +++ b/tools/libxl/libxl_pci.c
> > @@ -1176,6 +1176,9 @@ int libxl_device_pci_add(libxl_ctx *ctx, uint32_t
> > domid,
> > {
> > AO_CREATE(ctx, domid, ao_how);
> > int rc;
> > +
> > + LOG(DEBUG, "QEMU needs to be run as root for PCI passthrough to work");
>
> Shouldn't there be an if here, and/or an error return?
Unfortunately we cannot get the user used to run QEMU with from here.
However, even without this change, there is already plenty of
information printed out:
- xl prints:
libxl: error: libxl_qmp.c:287:qmp_handle_error_response: received an
error message from QMP server: Device initialization failed
- qemu prints:
[00:03.0] xen_pt_initfn: Error: Failed to "open" the real pci device. rc: -13
> > +
> > rc = libxl__device_pci_add(gc, domid, pcidev, 0);
> > libxl__ao_complete(egc, ao, rc);
> > return AO_INPROGRESS;
[-- Attachment #2: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-01-14 17:32 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-12 16:52 [PATCH] QEMU as non-root and PCI passthrough do not mix Stefano Stabellini
2016-01-14 10:39 ` Ian Campbell
2016-01-14 17:32 ` Stefano Stabellini [this message]
2016-01-14 17:34 ` Ian Jackson
2016-01-15 14:14 ` Stefano Stabellini
2016-01-15 14:29 ` Konrad Rzeszutek Wilk
2016-01-15 14:49 ` Stefano Stabellini
2016-01-15 14:56 ` Ian Campbell
2016-01-14 17:40 ` Ian Campbell
2016-01-14 17:42 ` Ian Jackson
2016-01-15 9:53 ` Ian Campbell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.02.1601141620260.16178@kaball.uk.xensource.com \
--to=stefano.stabellini@eu.citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=ian.campbell@citrix.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xensource.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.