[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fal
|
From: |
Rafael David Tinoco |
|
Subject: |
Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism |
|
Date: |
Mon, 3 Oct 2016 12:41:10 -0300 |
Sorry, I was only able to come back to this today.
> On Sep 27, 2016, at 09:18, Daniel Berrange <address@hidden> wrote:
>
>> There are numerous people relying on older kernels in openstack
>> deployments - sometimes with specific drivers (ovswitch, dpdk,
>> infiniband) holding kernel upgrades - but still in need of upgrading
>> userland (e.g. newer releases). Having a fallback mechanism seems
>> appropriate for those cases.
>
> I'm not against some kind of fallback - just about the way it
> silently creates files in /tmp.
>
That is why memfd_create is used here I suppose: To allow
anonymous-backed-pages to have a descriptor and to be sealed. When falling back
this mechanism I don't see any other way other than creating a temporary file.
Of course one way would be something like:
http://paste.ubuntu.com/23270379/
But this is pretty much the same, just solving the "where to place the
temporary file" (non configurable for this usage).
>>
>> Note that the filename, per se, is not as important as other files,
>> since qemu won't provide it for being accessed by external programs, and,
>> deletes the file, while keeping the descriptor, right after its creation
>> (due to its nature, that is probably why it was created in /tmp).
>
> If it doesn't shared with other processes, and is deleted immediately,
> why does the file need to be on disk at all ?
Well, it unlinks the file but the references are still there while the
descriptor isn't closed by this process, or by the one that receives the
descriptor (that is why is the "unlink" so early).
If you check vhost_dev_log_resize(), it gets *possible* new vhost log (if a new
size is given) and informs the vhost dev driver about the new log base
(vhost_ops->vhost_set_log_base).
For vhost_user, this means that the file descriptors for vhost logs are likely
going to be passed to vhost backend (fds[] in vhost_user_set_log_base). This is
just one example, not sure about others.
Probably the best approach here, like what Marc-André said, is to create some
sort of TMPDIR, set by libvirt perhaps ?
>
> Regards,
> Daniel
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism,
Rafael David Tinoco <=
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Daniel P. Berrange, 2016/10/03
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Rafael David Tinoco, 2016/10/03
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Rafael David Tinoco, 2016/10/03
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Daniel P. Berrange, 2016/10/04
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Rafael David Tinoco, 2016/10/04
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Marc-André Lureau, 2016/10/04
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Daniel P. Berrange, 2016/10/04
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Marc-André Lureau, 2016/10/04
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Daniel P. Berrange, 2016/10/04
- Message not available
- Re: [Qemu-devel] [Bug 1626972] Re: [PATCH] util: secure memfd_create fallback mechanism, Rafael David Tinoco, 2016/10/04