[libvirt] [PATCH 7/8] qemu: add passed-through input devs to cgroup ACL
Ján Tomko
jtomko at redhat.com
Fri Nov 20 08:59:42 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1231114
---
src/qemu/qemu_cgroup.c | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index a8e0b8c..3b44b7a 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -200,6 +200,26 @@ qemuSetupTPMCgroup(virDomainDefPtr def,
static int
+qemuSetupInputCgroup(virDomainObjPtr vm,
+ virDomainInputDefPtr dev)
+{
+ qemuDomainObjPrivatePtr priv = vm->privateData;
+ int ret = 0;
+
+ switch (dev->type) {
+ case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
+ VIR_DEBUG("Process path '%s' for input device", dev->source.evdev);
+ ret = virCgroupAllowDevicePath(priv->cgroup, dev->source.evdev,
+ VIR_CGROUP_DEVICE_RW);
+ virDomainAuditCgroupPath(vm, priv->cgroup, "allow", dev->source.evdev, "rw", ret == 0);
+ break;
+ }
+
+ return ret;
+}
+
+
+static int
qemuSetupHostUSBDeviceCgroup(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
const char *path,
void *opaque)
@@ -596,6 +616,11 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
goto cleanup;
}
+ for (i = 0; i < vm->def->ninputs; i++) {
+ if (qemuSetupInputCgroup(vm, vm->def->inputs[i]) < 0)
+ goto cleanup;
+ }
+
for (i = 0; i < vm->def->nrngs; i++) {
if (vm->def->rngs[i]->backend == VIR_DOMAIN_RNG_BACKEND_RANDOM) {
VIR_DEBUG("Setting Cgroup ACL for RNG device");
--
2.4.6
More information about the libvir-list
mailing list