xenbits.xensource.com Git - libvirt.git/commit

author	Laine Stump <laine@laine.org>
	Mon, 29 Apr 2013 17:15:26 +0000 (13:15 -0400)
committer	Laine Stump <laine@laine.org>
	Tue, 30 Apr 2013 01:52:28 +0000 (21:52 -0400)
commit	6e13860cb46e74c94ee67477942693d8757cf5de
tree	95732a5443cb21a92f797e5bd13ec02ed0c9828a	tree
parent	dfb48349408b234cbba5edb7f4f4726d7cf7a1f2	commit \| diff

qemu: add vfio devices to cgroup ACL when appropriate

PCIO device assignment using VFIO requires read/write access by the
qemu process to /dev/vfio/vfio, and /dev/vfio/nn, where "nn" is the
VFIO group number that the assigned device belongs to (and can be
found with the function virPCIDeviceGetVFIOGroupDev)

/dev/vfio/vfio can be accessible to any guest without danger
(according to vfio developers), so it is added to the static ACL.

The group device must be dynamically added to the cgroup ACL for each
vfio hostdev in two places:

1) for any devices in the persistent config when the domain is started
(done during qemuSetupCgroup())

2) at device attach time for any hotplug devices (done in
qemuDomainAttachHostDevice)

The group device must be removed from the ACL when a device it
"hot-unplugged" (in qemuDomainDetachHostDevice())

Note that USB devices are already doing their own cgroup setup and
teardown in the hostdev-usb specific function. I chose to make the new
functions generic and call them in a common location though. We can
then move the USB-specific code (which is duplicated in two locations)
to this single location. I'll be posting a followup patch to do that.

src/qemu/qemu.conf		diff \| blob \| blame \| history
src/qemu/qemu_cgroup.c		diff \| blob \| blame \| history
src/qemu/qemu_cgroup.h		diff \| blob \| blame \| history
src/qemu/qemu_hotplug.c		diff \| blob \| blame \| history
src/qemu/test_libvirtd_qemu.aug.in		diff \| blob \| blame \| history