[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH 4/9] dm_depriv: Describe expected usage of device_model_user parameter

To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: George Dunlap <george.dunlap@xxxxxxxxxx>
Date: Fri, 23 Nov 2018 17:14:57 +0000
Cc: Anthony Perard <anthony.perard@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>
Delivery-date: Fri, 23 Nov 2018 17:15:20 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

A number of subsequent patches rely on as-yet undefined behavior for
what the `device_model_user` parameter does.  Rather than implement it
incorrectly (or randomly), or remove the feature, describe an expected
usage for the feature.  Further patches will make decisions based on
this expected usage.

Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
---
CC: Ian Jackson <ian.jackson@xxxxxxxxxx>
CC: Wei Liu <wei.liu2@xxxxxxxxxx>
CC: Anthony Perard <anthony.perard@xxxxxxxxxx>
---
 docs/features/qemu-deprivilege.pandoc | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/docs/features/qemu-deprivilege.pandoc 
b/docs/features/qemu-deprivilege.pandoc
index f941525189..49b571980e 100644
--- a/docs/features/qemu-deprivilege.pandoc
+++ b/docs/features/qemu-deprivilege.pandoc
@@ -66,6 +66,23 @@ this, create a user named `xen-qemuuser-shared`; for example:
 
     adduser --no-create-home --system xen-qemuuser-shared
 
+A final way to set up a separate process for qemus is to allocate one
+UID per VM, and set the UID in the domain config file with the
+`device_model_user` argument.  For example, suppose you have a VM
+named `c6-01`.  You might do the following:
+
+    adduser --system --no-create-home --group xen-qemuuuser-c6-01
+
+And then in your config file, the following line:
+
+    device_model_user="xen-qemuuser-c6-01"
+
+NOTE: It is important when using `device_model_user` that EACH VM HAVE
+A SEPARATE UID, and that none of these UIDs map to root.  xl will
+throw an error a uid maps to zero, but not if multiple VMs have the
+same uid.  Multiple VMs with the same device model uid will cause
+problems.
+
 ## Domain config changes
 
 The core domain config change is to add the following line to the
-- 
2.19.1


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 4/9] dm_depriv: Describe expected usage of device_model_user parameter
  - From: Ian Jackson
- Re: [Xen-devel] [PATCH 4/9] dm_depriv: Describe expected usage of device_model_user parameter
  - From: Wei Liu

References:
- [Xen-devel] [PATCH 1/9] libxl: Remove redundant pidpath setting
  - From: George Dunlap

Prev by Date: [Xen-devel] [PATCH 3/4] xen/arch: Switch local_irq_save() to being a static inline helper
Next by Date: [Xen-devel] [PATCH 2/9] libxl: Move dm user determination logic into a helper function
Previous by thread: [Xen-devel] [PATCH 1/9] libxl: Remove redundant pidpath setting
Next by thread: Re: [Xen-devel] [PATCH 4/9] dm_depriv: Describe expected usage of device_model_user parameter
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.