From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=pass (p=none dis=none) header.from=redhat.com
Authentication-Results: passt.top;
	dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=UH8SRWDM;
	dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTPS id 7A0875A026F
	for <passt-dev@passt.top>; Tue, 11 Mar 2025 23:45:04 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1741733103;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=E8dOv797OIEiF/ihwVTYpC6Xwy2BCL9imaEsGQAbQgg=;
	b=UH8SRWDMeHcgQ9B93Vf9IResb6AbCwt1Yw0pmCxhlxwsmGkwAKQiRPul/KHZzdePEBOMvI
	/NoSgYGM0z3QOLLDzs18plBsRvpcmy52Z1lWvuJcLjm1VgJHqd/VIFVVQ/7kHBakyJrWBr
	6LYPtE1h+JUZ4SZFYv5kcV7QH0KiBJ4=
Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com
 [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-351-TiIppNX4PuKoFyOaCH2KIg-1; Tue, 11 Mar 2025 18:45:01 -0400
X-MC-Unique: TiIppNX4PuKoFyOaCH2KIg-1
X-Mimecast-MFC-AGG-ID: TiIppNX4PuKoFyOaCH2KIg_1741733100
Received: by mail-wm1-f70.google.com with SMTP id 5b1f17b1804b1-43ceb011ea5so19091455e9.2
        for <passt-dev@passt.top>; Tue, 11 Mar 2025 15:45:00 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1741733099; x=1742337899;
        h=content-transfer-encoding:mime-version:organization:references
         :in-reply-to:message-id:subject:cc:to:from:date:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=E8dOv797OIEiF/ihwVTYpC6Xwy2BCL9imaEsGQAbQgg=;
        b=rnD3RcsRFQjxbu0aylcjYM+q0iDyt5oVlniPJwWKjtrLpgCiJhGdh3LgYLWwmK4Usl
         nKKShpRP/7rdlvyCBrYZfuHzDZlIlTgCEtDz5HM9/CJHQ17BRQg7hqBa5K0I/hDmioze
         ta8OzLjZV3pm9BeIrDEYJouO6Z9bncmxT7rNIkW/fK51nlwGM/qaNuwTw5FKNnD3lvGt
         +lmgm/Coa99r1BK24+JuXN7iEhLtX5V1Fp3OaM2jMuk07hWGe2TGKlxZdxDRMkFmf7II
         /B2BtUJdED3BGgaLd6Ghi4vXg8ynP+JSant7ZKqlUijvbFImD6pNitGt/50i/68ZBE13
         ApQQ==
X-Gm-Message-State: AOJu0YxwQo7/xOby4qA02UY+G0teP03Crs44CKDYlNSJhkBRl6rUKxAX
	Yl0Tx8s30+2rpJ13nS9xV/Kn/Yrf0OCfbKaJ3UvwBgrgx/b/INMQO5F9jcPipHjS+PESgb5BcJ1
	QXdPsQ5D+wbJh9rntoGCokNiZGxe3XXPI53w8L87lxE3ebGYfHlnv5Ov9hA==
X-Gm-Gg: ASbGncsX+fu6uzQue4Pf7e4A+zEMToRJZOVg0LCZuQor8kTM55B0Nx1J4N5UQ2UCRcU
	jAAJhPju13FNy9klpfo7Cq3eyGALhKCxCZuwWXS0FoBxTQCct4PEUnabrMWUCbV1mPnIaURnBeo
	X7zBEwFSAJq6fj3ArOarq/X+a50LGX5kiyp6PHBfeVdh1kR+wa7m/Ev3F1ugad45knEMVtPHIT4
	TNDUSdO1R9UhsFAmK24Vvr7i4O/suM2nj/m25WnHWLcXoE+VFViP+eyNSw0kKNB9Bl0lmKD36LA
	CBy5wXvXVngrV6R6mdj4WhYrzaw=
X-Received: by 2002:a5d:648f:0:b0:391:2d97:7d0e with SMTP id ffacd0b85a97d-39132da92f4mr15121045f8f.42.1741733099613;
        Tue, 11 Mar 2025 15:44:59 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IFZi6TmY4p0kTXT3gU1kLeDalkfjxLPepgJKF8R0o0uJN34HV6nx582ufKDaNq48nFl3DmxQw==
X-Received: by 2002:a5d:648f:0:b0:391:2d97:7d0e with SMTP id ffacd0b85a97d-39132da92f4mr15121041f8f.42.1741733099216;
        Tue, 11 Mar 2025 15:44:59 -0700 (PDT)
Received: from maya.myfinge.rs (ifcgrfdd.trafficplex.cloud. [2a10:fc81:a806:d6a9::1])
        by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-3912bfdff57sm19708848f8f.37.2025.03.11.15.44.58
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 11 Mar 2025 15:44:58 -0700 (PDT)
Date: Tue, 11 Mar 2025 23:44:57 +0100
From: Stefano Brivio <sbrivio@redhat.com>
To: David Gibson <david@gibson.dropbear.id.au>
Subject: Re: [PATCH] passt-repair: Add directory watch
Message-ID: <20250311234457.4986a498@elisabeth>
In-Reply-To: <Z8-TcptFZA8REhbS@zatzit>
References: <20250307224120.2789900-1-sbrivio@redhat.com>
	<Z8-TcptFZA8REhbS@zatzit>
Organization: Red Hat
X-Mailer: Claws Mail 4.2.0 (GTK 3.24.41; x86_64-pc-linux-gnu)
MIME-Version: 1.0
X-Mimecast-Spam-Score: 0
X-Mimecast-MFC-PROC-ID: G-Yha6lc34VLcZigZSrXMyorF49Env-dSzYRn0BWvAM_1741733100
X-Mimecast-Originator: redhat.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-ID-Hash: GE2VZ5EXHCEBIQAPRPQGOYR6XTEF4X3N
X-Message-ID-Hash: GE2VZ5EXHCEBIQAPRPQGOYR6XTEF4X3N
X-MailFrom: sbrivio@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20250311234457.4986a498@elisabeth/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/GE2VZ5EXHCEBIQAPRPQGOYR6XTEF4X3N/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On Tue, 11 Mar 2025 12:35:46 +1100
David Gibson <david@gibson.dropbear.id.au> wrote:

> On Fri, Mar 07, 2025 at 11:41:20PM +0100, Stefano Brivio wrote:
> > It might not be feasible for users to start passt-repair after passt
> > is started, on a migration target, but before the migration process
> > starts.
> > 
> > For instance, with libvirt, the guest domain (and, hence, passt) is
> > started on the target as part of the migration process. At least for
> > the moment being, there's no hook a libvirt user (including KubeVirt)
> > can use to start passt-repair before the migration starts.
> > 
> > Add a directory watch using inotify: if PATH is a directory, instead
> > of connecting to it, we'll watch for a .repair socket file to appear
> > in it, and then attempt to connect to that socket.  
> 
> So, with this change, running
> 	passt-repair /tmp
> 
> would be a Bad Idea.

...why? On any distribution where it's available, you can make it
connect to whatever you want, and it will do nothing else than
returning an error when passt tries to switch a socket to repair mode.

It will just work in the KubeVirt use case we planned for, for the
moment.

Then sure, you can give it capabilities or run it as root, disable
LSMs, and make it connect to whatever process. But you need root
anyway, so there isn't much to be gained.

> But that is the default path used by passt.  To
> use this safely, you really want to have a directory set aside for the
> use of just one passt instance, or at least passt-owning uid.

Right, that's what happens if libvirt starts it.

> I feel like we should enforce, or at least document and encourage that
> somewhere.  Not really sure where, though, so, with some misgivings

I think we'll find a more reasonable solution by the time this becomes
actually usable by mere mortals using distribution packages. I would
anyway drop all this once we figure out how to make it convenient for
libvirt. For stand-alone usage, this is not really needed.

-- 
Stefano