Received: by 10.223.176.5 with SMTP id f5csp2629074wra;
        Mon, 5 Feb 2018 07:17:28 -0800 (PST)
X-Google-Smtp-Source: AH8x225RLNqF7qojkCR2gGj39JdysQ3fOiw/mEBT9VLtlEzgZv29Tfz64HXoYb9HInGNEgZFJ3ZP
X-Received: by 10.98.205.14 with SMTP id o14mr2548979pfg.42.1517843848026;
        Mon, 05 Feb 2018 07:17:28 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517843847; cv=none;
        d=google.com; s=arc-20160816;
        b=ew+tcmahIdVKxH2UqdUkYLjSPUAgzZ/vggC4olGgI60jFzDwUubKZBcAD9cZr6rGKE
         DJYi74gZF/LrOHB9OcfKl+LYNBQJ1UkCVYocSgnvreEauori+Aqj1pysyRRJAjy2Sjse
         8VOIvD8hefRBpH8M9/2Tf/kxvDss/DcvgV+PtFT/GXMD55cDPw3x3vP6q8Ow7IA5FRai
         TP1tS2j9nMAHYOa8W7bmiArdR+7tdvOoBXaQf9g2Cq922b1veaZE7WAMXIjeVi2de1Q5
         9OQB78+qGlX4wDlV77UCW0APMNKrb9aL5fnGIYaEqHFSUafldMUViCcy+piFcSSKp0U3
         vpcA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:reply-to
         :arc-authentication-results;
        bh=37IFd1gSohsn0SsSBs29wHnTyutRndkyONUv+AfPUNg=;
        b=HhCXzcIefsrcto3i+tQRKpC7jsoaPypEKIQREf4tKvBZAQD6Z0bIctdjT07PgK8xRW
         A6jiqbK0EtH6LChp4XaZB+7GuVWWz4EKeskKsgKlHqB2+UpU8MpZMyY1Hg5CgXRjvF3I
         nSP45/4ZhYtJeJy4XYzk3pILDhqa3RzmKxUfSgpPww/z3Ecl99lytzFFfLnLAjOsksoN
         dEe1TYoGy4dLnJ5blWAr8rxRoLw/SAKPtMo2pFFJCcmejeh9xgSOprkyyAN8W7bqnOPf
         OG9QRN3CYNQToogtjhDl9KB+/aFJAY07PjOVBRjEqKNN04o4dAXGMvNhGkln7o3RJNH1
         2d9g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y5si5577885pgc.612.2018.02.05.07.17.13;
        Mon, 05 Feb 2018 07:17:27 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753286AbeBEPQl (ORCPT <rfc822;chrisloverchio@gmail.com>
        + 99 others); Mon, 5 Feb 2018 10:16:41 -0500
Received: from mailout.easymail.ca ([64.68.200.34]:45564 "EHLO
        mailout.easymail.ca" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753166AbeBEPQg (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 5 Feb 2018 10:16:36 -0500
Received: from localhost (localhost [127.0.0.1])
        by mailout.easymail.ca (Postfix) with ESMTP id 429AFC0B66;
        Mon,  5 Feb 2018 15:16:35 +0000 (UTC)
Received: from mailout.easymail.ca ([127.0.0.1])
        by localhost (emo01-pco.easydns.vpn [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id lt7hznGXXSAB; Mon,  5 Feb 2018 15:16:35 +0000 (UTC)
Received: from mail.gonehiking.org (c-24-9-64-241.hsd1.co.comcast.net [24.9.64.241])
        by mailout.easymail.ca (Postfix) with ESMTPA id 2A19CC0B1B;
        Mon,  5 Feb 2018 15:16:25 +0000 (UTC)
Received: from [192.168.1.87] (shuah-xps.internal [192.168.1.87])
        by mail.gonehiking.org (Postfix) with ESMTP id D99BC9F2E5;
        Mon,  5 Feb 2018 08:16:24 -0700 (MST)
Reply-To: shuah@kernel.org
Subject: Re: [PATH 0/4] usbip: make vhci_hcd.* objects independent of
 vhci_hcd.0
To:     Salvador Fandino <salva@qindel.com>, linux-usb@vger.kernel.org
Cc:     gregkh@linuxfoundation.org, valentina.manea.m@gmail.com,
        linux-kernel@vger.kernel.org, Shuah Khan <shuahkh@osg.samsung.com>,
        Shuah Khan <shuah@kernel.org>
References: <20180130083630.26501-1-salva@qindel.com>
From:   Shuah Khan <shuah@kernel.org>
Message-ID: <de022e9c-c42b-9af9-b118-6f7de336dc66@kernel.org>
Date:   Mon, 5 Feb 2018 08:16:24 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <20180130083630.26501-1-salva@qindel.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 01/30/2018 01:36 AM, Salvador Fandino wrote:
> Let me start by explaining the problem that have motivated me to write
> this patches:
> 
> I work on the QVD, a virtual desktop platform for Linux. This software
> runs Linux desktops (i.e. XFCE, KDE) and their applications inside LXC
> containers, and makes then available through the network to remote
> users.
> 
> Supporting USB devices is a common feature customers have been
> requesting us for a long time (in order to use, for instance, remote
> signature pads, bar-code scanners, fingerprint readers, etc.). So, we
> have been working on that feature using the USB/IP layer on the
> kernel.
> 
> Connecting and disconnecting devices and transferring data works
> seamless for the devices listed above. But we also want to make the
> usbip operations private to the container where they are run.  For
> instance, it is unacceptable for our product, that one user could list
> the devices connected by other users or access them.
> 
> We can control how can access every device using cgroups once those
> are attached, but the usbip layer is not providing any mechanism for
> controlling who can attach, detach or list the devices.
> 
> So, we got the idea that in order to enforce that remote usbip devices
> are only visible inside the container where they were imported, we
> could conveniently mount-bind inside every container just one of the
> vhci_hcd directories below /sys/devices/platform. So that it is as if
> every container had a vhci_hcd just for itself (and also, we restrict
> access to the matching USB ports in cgroups).
> 
> Unfortunately, all the vhci_hcd.* devices are controlled through
> attributes in vhci_hcd.0 making our approach fail and so... well, that
> is what this patch series changes. It makes every vhci_hcd device
> controllable through attributes inside its own sysfs directory.
> 
> The first patch, does that in the kernel, and the second and third
> patches change user space, adapting the libusbip and the usbip tools
> code respectively.
> 
> Then there is a fourth patch, that allows to create much more USB
> hubs per machine. It was limited to 64 and we are running thousands of
> containers (every one requiring a hub) per host.
> 
> These changes are not completely backward compatible. In the sysfs
> side, besides moving around the attribute files, now the port numbers
> go from 0 to CONFIG_USBIP_VHCI_HC_PORTS * 2 - 1 and are reused for
> every vhci_hcd device. I could have maintained the absolute numeration
> but I think reusing the numbers is a better and simpler approach.
> 
> I have considered that until very recently, support for vhci_hcd
> devices above the .0 was broken in the uspip tools (see
> 1ac7c8a78be85f84b019d3d2742d1a9f07255cc5 "usbip: fix usbip attach to
> find a port that matches the requested speed") and that has been the
> place where I have set the bar for backward compatibility: usage of
> the tools must remain unchanged for accessing "vhci_hcd.0", but may
> require changes otherwise. The same is true for the library functions
> which now provides new functions for selecting the target vhci_hcd
> device. The old functions now always target "vhci_hcd.0".
> 
> So, for instance, now, "usbip port" by default only shows "vhci_hcd.0"
> ports but "usbip port -a" shows all of them, and, for instance, "usbip
> port -i 4", shows the ports in "vhci_hcd.4".
> 
> Cheers.
> 

I will take a look at these in the next week or so.

thanks,
-- Shuah