From: Marc-André Lureau <marcandre.lureau@redhat.com>
Date: Wed, 13 Jan 2021 09:12:26 +0000 (+0400)
Subject: udev: allow kvm group to access vhost-net device
X-Git-Tag: v248-rc1~340^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F18214%2Fhead;p=thirdparty%2Fsystemd.git

udev: allow kvm group to access vhost-net device

/dev/vhost-net is a host accelerator for virtio net devices. It has been
long available and used, thus should be safe to all KVM users.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
---

diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in
index 0cc70b1bd0d..369fdbc1795 100644
--- a/rules.d/50-udev-default.rules.in
+++ b/rules.d/50-udev-default.rules.in
@@ -88,6 +88,8 @@ KERNEL=="kvm", GROUP="kvm", MODE="@DEV_KVM_MODE@", OPTIONS+="static_node=kvm"
 KERNEL=="vsock", MODE="0666"
 KERNEL=="vhost-vsock", GROUP="kvm", MODE="@DEV_KVM_MODE@", OPTIONS+="static_node=vhost-vsock"
 
+KERNEL=="vhost-net", GROUP="kvm", MODE="@DEV_KVM_MODE@", OPTIONS+="static_node=vhost-net"
+
 KERNEL=="udmabuf", GROUP="kvm"
 
 SUBSYSTEM=="ptp", ATTR{clock_name}=="KVM virtual PTP", SYMLINK += "ptp_kvm"
diff --git a/tmpfiles.d/static-nodes-permissions.conf.in b/tmpfiles.d/static-nodes-permissions.conf.in
index 923ce7d93e8..e5aa8fdb20d 100644
--- a/tmpfiles.d/static-nodes-permissions.conf.in
+++ b/tmpfiles.d/static-nodes-permissions.conf.in
@@ -15,4 +15,5 @@ z /dev/loop-control 0660 - disk  -
 z /dev/net/tun      0666 - -     -
 z /dev/fuse         0666 - -     -
 z /dev/kvm          @DEV_KVM_MODE@ - kvm -
+z /dev/vhost-net    @DEV_KVM_MODE@ - kvm -
 z /dev/vhost-vsock  @DEV_KVM_MODE@ - kvm -