Martin Polednik has posted comments on this change. Change subject: hostdev: add dynamic udev rule creation for iommu groups ......................................................................
Patch Set 4: (1 comment) http://gerrit.ovirt.org/#/c/36268/4/vdsm/supervdsmServer File vdsm/supervdsmServer: Line 302: def vfioAppropriateDevice(self, iommu_group): Line 303: """ Line 304: Create udev rule in /etc/udev/rules.d/ to change ownership Line 305: of /dev/vfio/$iommu_group to qemu:qemu. This method should be called Line 306: when detaching a device from the host. > I see your point, but creating and deleting rules on the fly strikes me. I It was evaluated, we didn't like it because we would give our untrusted user 'qemu' all devices, that were spawned which would interfere with custom setups. We decided to work on the finest granularity possible - only giving ownership of a single iommu group. Line 307: """ Line 308: ruleFile = _UDEV_RULE_FILE_NAME_VFIO % iommu_group Line 309: rule = ('KERNEL=="{}", SUBSYSTEM=="vfio" RUN+="{} {}:{} ' Line 310: '/dev/vfio/{}"').format(iommu_group, EXT_CHOWN, -- To view, visit http://gerrit.ovirt.org/36268 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ieac8d58e01d7277e535a2101d522961816ea88eb Gerrit-PatchSet: 4 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Martin Polednik <[email protected]> Gerrit-Reviewer: Dan Kenigsberg <[email protected]> Gerrit-Reviewer: Francesco Romani <[email protected]> Gerrit-Reviewer: Martin Polednik <[email protected]> Gerrit-Reviewer: Michal Skrivanek <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
