[libvirt] RFC: Enable unprivileged SG_IO

Paolo Bonzini pbonzini at redhat.com
Thu Nov 22 14:33:43 UTC 2012

Il 22/11/2012 15:19, Daniel P. Berrange ha scritto:
>> What Paolo suggested is to add an entry in qemu.conf, just
>> like "cgroup_device_acl":
>> sgio_device_acl = [ "/dev/sda" ]
>> When libvirtd starting, set the sysfs knob "unpriv_sgio" of
>> the devices listed to 1, and 0 when libvirtd exists.
>> I don't quite agree with this approach, as entries in qemu.conf
>> generally should be configuration for the whole qemu driver,
>> however, the SG_IO setting is at the device layer, or not
>> higher than guest layer.
> This is fundamentally guest configuration IMHO,not system
> configuration, so qemu.conf is the wrong place for it.

We can make it 100% guest configuration.  Let's add the same whitelist
as the kernel to QEMU's scsi-block/scsi-generic as well.  This way,
libvirt will be able to start domains with different settings as long as
QEMU supports the new property (let's call it scsi-block.privileged).  I
can add it to 1.4.


More information about the libvir-list mailing list