[libvirt] [PATCH v2 4/4] qemu: make qemu processes to retain rawio capability

Daniel P. Berrange berrange at redhat.com
Tue Jan 31 12:04:33 UTC 2012 

On Tue, Jan 31, 2012 at 01:52:27PM +0900, Taku Izumi wrote:
> 
> This patch revises qemuProcessStart() function for qemu 
> processes to retain CAP_SYS_RAWIO if needed.
> And in case of that, add taint flag to domain.
> 
> Signed-off-by: Taku Izumi <izumi.taku at jp.fujitsu.com>
> Signed-off-by: Shota Hirae <m11g1401 at hibikino.ne.jp>
> ---
>  src/qemu/qemu_domain.c  |    3 +++
>  src/qemu/qemu_process.c |    8 ++++++++
>  2 files changed, 11 insertions(+)
> 
> Index: libvirt/src/qemu/qemu_process.c
> ===================================================================
> --- libvirt.orig/src/qemu/qemu_process.c
> +++ libvirt/src/qemu/qemu_process.c
> @@ -27,6 +27,7 @@
>  #include <sys/stat.h>
>  #include <sys/time.h>
>  #include <sys/resource.h>
> +#include <linux/capability.h>
>  
>  #include "qemu_process.h"
>  #include "qemu_domain.h"
> @@ -3083,6 +3084,7 @@ int qemuProcessStart(virConnectPtr conn,
>      virCommandPtr cmd = NULL;
>      struct qemuProcessHookData hookData;
>      unsigned long cur_balloon;
> +    int i;
>  
>      hookData.conn = conn;
>      hookData.vm = vm;
> @@ -3335,6 +3337,12 @@ int qemuProcessStart(virConnectPtr conn,
>      if (driver->clearEmulatorCapabilities)
>          virCommandClearCaps(cmd);
>  
> +    /* in case a certain disk is desirous of CAP_SYS_RAWIO, add this */
> +    for (i = 0; i < vm->def->ndisks; i++) {
> +        if (vm->def->disks[i]->rawio == 1)
> +            virCommandAllowCap(cmd, CAP_SYS_RAWIO);
> +    }
> +
>      virCommandSetPreExecHook(cmd, qemuProcessHook, &hookData);
>  
>      virCommandSetOutputFD(cmd, &logfile);
> Index: libvirt/src/qemu/qemu_domain.c
> ===================================================================
> --- libvirt.orig/src/qemu/qemu_domain.c
> +++ libvirt/src/qemu/qemu_domain.c
> @@ -1259,6 +1259,9 @@ void qemuDomainObjCheckDiskTaint(struct 
>      if (!disk->driverType &&
>          driver->allowDiskFormatProbing)
>          qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_DISK_PROBING, logFD);
> +
> +    if (disk->rawio)
> +        qemuDomainObjTaint(driver, obj, VIR_DOMAIN_TAINT_HIGH_PRIVILEGES, logFD);
>  }

ACK


Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list