[libvirt] [PATCH 35/47] vircgroup: extract virCgroupV1(Allow|Deny)AllDevices
Fabiano Fidêncio
fidencio at redhat.com
Thu Sep 20 06:30:49 UTC 2018
On Tue, Sep 18, 2018 at 5:45 PM, Pavel Hrdina <phrdina at redhat.com> wrote:
> Signed-off-by: Pavel Hrdina <phrdina at redhat.com>
>
Reviewed-by: Fabiano Fidêncio <fidencio at redhat.com>
> ---
> src/util/vircgroup.c | 18 ++----------------
> src/util/vircgroupbackend.h | 9 +++++++++
> src/util/vircgroupv1.c | 31 +++++++++++++++++++++++++++++++
> 3 files changed, 42 insertions(+), 16 deletions(-)
>
> diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
> index 8a54437dfa..ca36984472 100644
> --- a/src/util/vircgroup.c
> +++ b/src/util/vircgroup.c
> @@ -1824,10 +1824,7 @@ virCgroupGetCpusetCpus(virCgroupPtr group, char
> **cpus)
> int
> virCgroupDenyAllDevices(virCgroupPtr group)
> {
> - return virCgroupSetValueStr(group,
> - VIR_CGROUP_CONTROLLER_DEVICES,
> - "devices.deny",
> - "a");
> + VIR_CGROUP_BACKEND_CALL(group, denyAllDevices, -1);
> }
>
> /**
> @@ -1847,18 +1844,7 @@ virCgroupDenyAllDevices(virCgroupPtr group)
> int
> virCgroupAllowAllDevices(virCgroupPtr group, int perms)
> {
> - int ret = -1;
> -
> - if (virCgroupAllowDevice(group, 'b', -1, -1, perms) < 0)
> - goto cleanup;
> -
> - if (virCgroupAllowDevice(group, 'c', -1, -1, perms) < 0)
> - goto cleanup;
> -
> - ret = 0;
> -
> - cleanup:
> - return ret;
> + VIR_CGROUP_BACKEND_CALL(group, allowAllDevices, -1, perms);
> }
>
>
> diff --git a/src/util/vircgroupbackend.h b/src/util/vircgroupbackend.h
> index d7250cffdb..ce165fead4 100644
> --- a/src/util/vircgroupbackend.h
> +++ b/src/util/vircgroupbackend.h
> @@ -261,6 +261,13 @@ typedef int
> int minor,
> int perms);
>
> +typedef int
> +(*virCgroupAllowAllDevicesCB)(virCgroupPtr group,
> + int perms);
> +
> +typedef int
> +(*virCgroupDenyAllDevicesCB)(virCgroupPtr group);
> +
> struct _virCgroupBackend {
> virCgroupBackendType type;
>
> @@ -313,6 +320,8 @@ struct _virCgroupBackend {
>
> virCgroupAllowDeviceCB allowDevice;
> virCgroupDenyDeviceCB denyDevice;
> + virCgroupAllowAllDevicesCB allowAllDevices;
> + virCgroupDenyAllDevicesCB denyAllDevices;
> };
> typedef struct _virCgroupBackend virCgroupBackend;
> typedef virCgroupBackend *virCgroupBackendPtr;
> diff --git a/src/util/vircgroupv1.c b/src/util/vircgroupv1.c
> index 9ac0ef555c..bd6914f878 100644
> --- a/src/util/vircgroupv1.c
> +++ b/src/util/vircgroupv1.c
> @@ -1731,6 +1731,35 @@ virCgroupV1DenyDevice(virCgroupPtr group,
> }
>
>
> +static int
> +virCgroupV1AllowAllDevices(virCgroupPtr group,
> + int perms)
> +{
> + int ret = -1;
> +
> + if (virCgroupV1AllowDevice(group, 'b', -1, -1, perms) < 0)
> + goto cleanup;
> +
> + if (virCgroupV1AllowDevice(group, 'c', -1, -1, perms) < 0)
> + goto cleanup;
> +
> + ret = 0;
> +
> + cleanup:
> + return ret;
> +}
> +
> +
> +static int
> +virCgroupV1DenyAllDevices(virCgroupPtr group)
> +{
> + return virCgroupSetValueStr(group,
> + VIR_CGROUP_CONTROLLER_DEVICES,
> + "devices.deny",
> + "a");
> +}
> +
> +
> virCgroupBackend virCgroupV1Backend = {
> .type = VIR_CGROUP_BACKEND_TYPE_V1,
>
> @@ -1781,6 +1810,8 @@ virCgroupBackend virCgroupV1Backend = {
>
> .allowDevice = virCgroupV1AllowDevice,
> .denyDevice = virCgroupV1DenyDevice,
> + .allowAllDevices = virCgroupV1AllowAllDevices,
> + .denyAllDevices = virCgroupV1DenyAllDevices,
> };
>
>
> --
> 2.17.1
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20180920/b62db840/attachment-0001.htm>
More information about the libvir-list
mailing list