From nobody Thu May  2 23:06:44 2024
Delivered-To: importer@patchew.org
Received-SPF: pass (zoho.com: domain of redhat.com designates 209.132.183.39
 as permitted sender) client-ip=209.132.183.39;
 envelope-from=libvir-list-bounces@redhat.com; helo=mx6-phx2.redhat.com;
Authentication-Results: mx.zoho.com;
	spf=pass (zoho.com: domain of redhat.com designates 209.132.183.39 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
Return-Path: <libvir-list-bounces@redhat.com>
Received: from mx6-phx2.redhat.com (mx6-phx2.redhat.com [209.132.183.39]) by
 mx.zohomail.com
	with SMTPS id 1487778182674278.30186033806297;
 Wed, 22 Feb 2017 07:43:02 -0800 (PST)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by mx6-phx2.redhat.com (8.14.4/8.14.4) with ESMTP id v1MFd9fW009006;
	Wed, 22 Feb 2017 10:39:09 -0500
Received: from int-mx11.intmail.prod.int.phx2.redhat.com
	(int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id v1MFd8aL001417 for <libvir-list@listman.util.phx.redhat.com>;
	Wed, 22 Feb 2017 10:39:08 -0500
Received: from moe.brq.redhat.com (dhcp129-131.brq.redhat.com [10.34.129.131])
	by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with
	ESMTP id v1MFd7ff022402
	for <libvir-list@redhat.com>; Wed, 22 Feb 2017 10:39:07 -0500
From: Michal Privoznik <mprivozn@redhat.com>
To: libvir-list@redhat.com
Date: Wed, 22 Feb 2017 16:38:59 +0100
Message-Id: 
 <9adf876a35527f8798f129c3c3974027d91d87cb.1487777939.git.mprivozn@redhat.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
X-loop: libvir-list@redhat.com
Subject: [libvirt] [PATCH] qemu_cgroup: Only try to allow devices if devices
	CGroup's available
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-ZohoMail: RSF_0  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

When a domain needs an access to some device (be it a disk, RNG,
chardev, whatever), we have to allow it in the devices CGroup (if
it is available), because by default we disallow all the devices.
But some of the functions that are responsible for setting up
devices CGroup are lacking check whether there is any CGroup
available. Thus users might be unable to hotplug some devices:

  virsh # attach-device fedora rng.xml
  error: Failed to attach device from rng.xml
  error: internal error: Controller 'devices' is not mounted

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/qemu/qemu_cgroup.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index f0729743a..42a47a798 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -176,6 +176,9 @@ qemuSetupChrSourceCgroup(virDomainObjPtr vm,
     qemuDomainObjPrivatePtr priv =3D vm->privateData;
     int ret;
=20
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE=
S))
+        return 0;
+
     if (source->type !=3D VIR_DOMAIN_CHR_TYPE_DEV)
         return 0;
=20
@@ -197,6 +200,9 @@ qemuTeardownChrSourceCgroup(virDomainObjPtr vm,
     qemuDomainObjPrivatePtr priv =3D vm->privateData;
     int ret;
=20
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE=
S))
+        return 0;
+
     if (source->type !=3D VIR_DOMAIN_CHR_TYPE_DEV)
         return 0;
=20
@@ -247,6 +253,9 @@ qemuSetupInputCgroup(virDomainObjPtr vm,
     qemuDomainObjPrivatePtr priv =3D vm->privateData;
     int ret =3D 0;
=20
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE=
S))
+        return 0;
+
     switch (dev->type) {
     case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
         VIR_DEBUG("Process path '%s' for input device", dev->source.evdev);
@@ -270,6 +279,9 @@ qemuSetupHostdevCgroup(virDomainObjPtr vm,
     size_t i, npaths =3D 0;
     int rv, ret =3D -1;
=20
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE=
S))
+        return 0;
+
     if (qemuDomainGetHostdevPath(NULL, dev, false, &npaths, &path, &perms)=
 < 0)
         goto cleanup;
=20
@@ -344,6 +356,9 @@ qemuSetupGraphicsCgroup(virDomainObjPtr vm,
     const char *rendernode =3D gfx->data.spice.rendernode;
     int ret;
=20
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE=
S))
+        return 0;
+
     if (gfx->type !=3D VIR_DOMAIN_GRAPHICS_TYPE_SPICE ||
         gfx->data.spice.gl !=3D VIR_TRISTATE_BOOL_YES ||
         !rendernode)
@@ -481,6 +496,9 @@ qemuSetupRNGCgroup(virDomainObjPtr vm,
     qemuDomainObjPrivatePtr priv =3D vm->privateData;
     int rv;
=20
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE=
S))
+        return 0;
+
     if (rng->backend =3D=3D VIR_DOMAIN_RNG_BACKEND_RANDOM) {
         VIR_DEBUG("Setting Cgroup ACL for RNG device");
         rv =3D virCgroupAllowDevicePath(priv->cgroup,
@@ -505,6 +523,9 @@ qemuTeardownRNGCgroup(virDomainObjPtr vm,
     qemuDomainObjPrivatePtr priv =3D vm->privateData;
     int rv;
=20
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE=
S))
+        return 0;
+
     if (rng->backend =3D=3D VIR_DOMAIN_RNG_BACKEND_RANDOM) {
         VIR_DEBUG("Tearing down Cgroup ACL for RNG device");
         rv =3D virCgroupDenyDevicePath(priv->cgroup,
--=20
2.11.0

--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list