mirror of
https://github.com/Motorhead1991/qemu.git
synced 2026-01-06 06:27:41 -07:00
7c9e527659
It is a common requirement for virtual machine to send persistent
reservations, but this currently requires either running QEMU with
CAP_SYS_RAWIO, or using out-of-tree patches that let an unprivileged
QEMU bypass Linux's filter on SG_IO commands.
As an alternative mechanism, the next patches will introduce a
privileged helper to run persistent reservation commands without
expanding QEMU's attack surface unnecessarily.
The helper is invoked through a "pr-manager" QOM object, to which
file-posix.c passes SG_IO requests for PERSISTENT RESERVE OUT and
PERSISTENT RESERVE IN commands. For example:
$ qemu-system-x86_64
-device virtio-scsi \
-object pr-manager-helper,id=helper0,path=/var/run/qemu-pr-helper.sock
-drive if=none,id=hd,driver=raw,file.filename=/dev/sdb,file.pr-manager=helper0
-device scsi-block,drive=hd
or:
$ qemu-system-x86_64
-device virtio-scsi \
-object pr-manager-helper,id=helper0,path=/var/run/qemu-pr-helper.sock
-blockdev node-name=hd,driver=raw,file.driver=host_device,file.filename=/dev/sdb,file.pr-manager=helper0
-device scsi-block,drive=hd
Multiple pr-manager implementations are conceivable and possible, though
only one is implemented right now. For example, a pr-manager could:
- talk directly to the multipath daemon from a privileged QEMU
(i.e. QEMU links to libmpathpersist); this makes reservation work
properly with multipath, but still requires CAP_SYS_RAWIO
- use the Linux IOC_PR_* ioctls (they require CAP_SYS_ADMIN though)
- more interestingly, implement reservations directly in QEMU
through file system locks or a shared database (e.g. sqlite)
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||
|---|---|---|
| .. | ||
| config | ||
| devel | ||
| interop | ||
| specs | ||
| spin | ||
| block-replication.txt | ||
| bootindex.txt | ||
| ccid.txt | ||
| COLO-FT.txt | ||
| colo-proxy.txt | ||
| generic-loader.txt | ||
| igd-assign.txt | ||
| image-fuzzer.txt | ||
| memory-hotplug.txt | ||
| multi-thread-compression.txt | ||
| multiseat.txt | ||
| nvdimm.txt | ||
| pci_expander_bridge.txt | ||
| pcie.txt | ||
| pcie_pci_bridge.txt | ||
| pr-manager.rst | ||
| qcow2-cache.txt | ||
| qdev-device-use.txt | ||
| qemu_logo.pdf | ||
| qemupciserial.inf | ||
| rdma.txt | ||
| replay.txt | ||
| spice-port-fqdn.txt | ||
| throttle.txt | ||
| usb-storage.txt | ||
| usb2.txt | ||
| virtio-balloon-stats.txt | ||
| xbzrle.txt | ||
| xen-save-devices-state.txt | ||