Re: [PATCH net-net 0/4] Increase the limit of tuntap queues

From: David Miller
Date: Sun Nov 23 2014 - 20:23:32 EST

Next message: Rafael J. Wysocki: "Re: [PATCH v5 03/18] ACPI / table: Count matched and successfully parsed entries without specifying max entries"
Previous message: Al Viro: "[RFC][PATCH 2/2] handle ITER_KVEC without copy_..._user"
In reply to: Michael S. Tsirkin: "Re: [PATCH net-net 0/4] Increase the limit of tuntap queues"
Next in thread: Jason Wang: "Re: [PATCH net-net 0/4] Increase the limit of tuntap queues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: "Michael S. Tsirkin" <mst@xxxxxxxxxx>
Date: Sun, 23 Nov 2014 22:30:32 +0200

> qemu runs in the host, but it's unpriveledged: it gets
> passed tun FDs by a priveledged daemon, and it only
> has the rights to some operations,
> in particular to attach and detach queues.
>
> The assumption always was that this operation is safe
> and can't make kernel run out of resources.

This creates a rather rediculous situation in my opinion.

Configuring a network device is a privileged operation, the daemon
should be setting this thing up.

In no other context would we have to worry about something like this.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rafael J. Wysocki: "Re: [PATCH v5 03/18] ACPI / table: Count matched and successfully parsed entries without specifying max entries"
Previous message: Al Viro: "[RFC][PATCH 2/2] handle ITER_KVEC without copy_..._user"
In reply to: Michael S. Tsirkin: "Re: [PATCH net-net 0/4] Increase the limit of tuntap queues"
Next in thread: Jason Wang: "Re: [PATCH net-net 0/4] Increase the limit of tuntap queues"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]