Currently, when dpdkvhostuser devices are created, they inherit the umask and uid/gid of the running vswitchd process. This causes difficulties when using vhost_user consumers (such as qemu).
This patch introduces two new database entries, 'vhost-sock-owner' to set the ownership, and 'vhost-sock-perms' to set the permissions bits for the vhost_user sockets. These settings apply to all vhost-user sockets. Signed-off-by: Aaron Conole <acon...@redhat.com> --- INSTALL.DPDK.md | 7 +++++++ lib/netdev-dpdk.c | 37 ++++++++++++++++++++++++++++++++++--- vswitchd/vswitch.xml | 23 +++++++++++++++++++++++ 3 files changed, 64 insertions(+), 3 deletions(-) diff --git a/INSTALL.DPDK.md b/INSTALL.DPDK.md index 5407794..0cd4bfe 100644 --- a/INSTALL.DPDK.md +++ b/INSTALL.DPDK.md @@ -223,6 +223,13 @@ advanced install guide [INSTALL.DPDK-ADVANCED.md] * vhost-sock-dir Option to set the path to the vhost_user unix socket files. + * vhost-sock-owner + Option to set the owner of the vhost_user unix socket files. + + * vhost-sock-perms + Option to set the file-system permissions of the vhost_user unix socket + files. + NOTE: Changing any of these options requires restarting the ovs-vswitchd application. diff --git a/lib/netdev-dpdk.c b/lib/netdev-dpdk.c index 85b18fd..ffa62c9 100644 --- a/lib/netdev-dpdk.c +++ b/lib/netdev-dpdk.c @@ -32,6 +32,7 @@ #include <getopt.h> #include <numaif.h> +#include "chutil.h" #include "dirs.h" #include "dp-packet.h" #include "dpif-netdev.h" @@ -141,6 +142,10 @@ BUILD_ASSERT_DECL((MAX_NB_MBUF / ROUND_DOWN_POW2(MAX_NB_MBUF/MIN_NB_MBUF)) static char *cuse_dev_name = NULL; /* Character device cuse_dev_name. */ #endif static char *vhost_sock_dir = NULL; /* Location of vhost-user sockets */ +static char *vhost_sock_def_owner = NULL; /* Default owner of vhost-user + sockets*/ +static char *vhost_sock_def_perms = NULL; /* Default permissions of + vhost-user sockets */ #define VHOST_ENQ_RETRY_NUM 8 
@@ -824,6 +829,23 @@ vhost_construct_helper(struct netdev *netdev) OVS_REQUIRES(dpdk_mutex) } static int +vhost_set_permissions(struct netdev_dpdk *dev) OVS_REQUIRES(dpdk_mutex) +{ + int err = 0; + if (vhost_sock_def_owner && + (err = ovs_chown_open_file(dev->vhost_id, vhost_sock_def_owner))) { + VLOG_ERR("vhost-user socket device ownership change failed."); + } + + if (!err && vhost_sock_def_perms && + (err = ovs_chmod_open_file(dev->vhost_id, vhost_sock_def_perms))) { + VLOG_ERR("vhost-user socket device permission change failed."); + } + + return err; +} + +static int netdev_dpdk_vhost_cuse_construct(struct netdev *netdev) { struct netdev_dpdk *dev = netdev_dpdk_cast(netdev); @@ -879,6 +901,10 @@ netdev_dpdk_vhost_user_construct(struct netdev *netdev) err = vhost_construct_helper(netdev); } + if (!err) { + err = vhost_set_permissions(dev); + } + ovs_mutex_unlock(&dpdk_mutex); return err; } @@ -3221,8 +3247,8 @@ dpdk_init__(const struct smap *ovs_other_config) VLOG_INFO("DPDK Enabled, initializing"); #ifdef VHOST_CUSE - if (process_vhost_flags("cuse-dev-name", xstrdup("vhost-net"), - PATH_MAX, ovs_other_config, &cuse_dev_name)) { + process_vhost_flags("cuse-dev-name", xstrdup("vhost-net"), + PATH_MAX, ovs_other_config, &cuse_dev_name); #else if (process_vhost_flags("vhost-sock-dir", xstrdup(ovs_rundir()), NAME_MAX, ovs_other_config, @@ -3246,9 +3272,14 @@ dpdk_init__(const struct smap *ovs_other_config) free(sock_dir_subcomponent); } else { vhost_sock_dir = sock_dir_subcomponent; -#endif } + process_vhost_flags("vhost-sock-owner", NULL, NAME_MAX, ovs_other_config, + &vhost_sock_def_owner); + process_vhost_flags("vhost-sock-perms", NULL, NAME_MAX, ovs_other_config, + &vhost_sock_def_perms); +#endif + argv = grow_argv(&argv, 0, 1); argc = 1; argv[0] = xstrdup(ovs_get_program_name()); diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml index fed6f56..05d2a14 100644 --- a/vswitchd/vswitch.xml +++ b/vswitchd/vswitch.xml 
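Review bot: Both `VLOG_ERR` calls in `vhost_set_permissions()` omit the socket path and the failure reason, so a rejected `vhost-sock-owner` or `vhost-sock-perms` value cannot be diagnosed from the log. Assuming the chutil helpers return a positive errno value (they are declared in `chutil.h`, outside this patch), `VLOG_ERR("vhost-user socket %s: ownership change to '%s' failed (%s)", dev->vhost_id, vhost_sock_def_owner, ovs_strerror(err));` and the matching line for the mode would fix that. The helpers are also handed the path `dev->vhost_id` and appear to run only after the socket exists, so until they finish the socket carries the inherited owner and mode. A short comment stating that window, and that the socket directory must not be writable by untrusted users, would make the assumption explicit.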
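Review bot: When `vhost_set_permissions(dev)` fails in the `@@ -879,6 +901,10 @@` hunk, `netdev_dpdk_vhost_user_construct()` returns the error after `vhost_construct_helper()` has already succeeded, and nothing in the hunk removes the socket or undoes the helper's setup. The socket would then presumably stay on disk with the inherited owner and mode, which is the state the new options are meant to prevent. The function begins outside the hunk, so the socket creation and any existing cleanup are not visible. If there is none, the failure branch needs an unwind step, for example `if (err) { /* remove dev->vhost_id and undo vhost_construct_helper() */ }`, or at least a comment stating that the caller tears the device down.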
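Review bot: The two new `process_vhost_flags()` calls in the `@@ -3246,9 +3272,14 @@` hunk pass `NULL` as the default, whereas the other calls visible in this patch pass an `xstrdup()`'d string. `process_vhost_flags()` is defined outside the hunk, so confirm that it neither formats the default with `%s` nor dereferences it, and that a value longer than `NAME_MAX` is reported rather than silently replaced by the default, since that would leave the sockets with the inherited mode while the operator believes a restriction is in force. The strings are also stored unvalidated, so a malformed owner or mode only surfaces later as a failed port construct; a comment such as `/* Not validated at init; checked when each socket is created in vhost_set_permissions(). */` would document that. These calls now sit inside the `#else` branch, so a `VHOST_CUSE` build never sets the variables while `vhost_set_permissions()` still appears to be compiled, which may trigger an unused-function warning.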
@@ -311,6 +311,29 @@ </p> </column> + <column name="other_config" key="vhost-sock-owner" + type='{"type": "string"}'> + <p> + Specifies the owner of the vhost-user unix domain socket files. + </p> + <p> + The default is to inherit from the running user and group id's. The + argument is specified in the same form as the 'chown' unix utility. + </p> + </column> + + <column name="other_config" key="vhost-sock-perms" + type='{"type": "string"}'> + <p> + Specifies the permissions for the vhost-user unix domain socket + files. + </p> + <p> + The default is derived from the running mask. The argument is + specified in the same form as the 'chmod' unix utility. + </p> + </column> + <column name="other_config" key="n-handler-threads" type='{"type": "integer", "minInteger": 1}'> <p> -- 2.5.5 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev