xenbits.xensource.com Git - libvirt.git/commit

author	Pavel Hrdina <phrdina@redhat.com>
	Thu, 14 Nov 2019 10:44:42 +0000 (11:44 +0100)
committer	Pavel Hrdina <phrdina@redhat.com>
	Fri, 15 Nov 2019 11:58:43 +0000 (12:58 +0100)
commit	c359cb9aee4bded676a9f9dc2cf028941571e6a1
tree	ad8a7f62ce1689404481f9b58552c4c721391a76	tree
parent	884479b42b857dc3dce6b3bd1dec4d8e971dee3c	commit \| diff

vircgroup: workaround devices in hybrid mode

So the issue here is that you can end up with configuration where
you have cgroup v1 and v2 enabled at the same time and the devices
controllers is enabled for cgroup v1.

In cgroup v2 there is no devices controller, the device access is
controlled using BPF and since it is not a cgroup controller both
of them can exists at the same time and both of them are applied while
resolving access to devices.

In order to avoid configuring both BPF and cgroup v1 devices we will
use BPF if possible and otherwise fallback to cgroup v1 devices.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>

src/util/vircgroup.c		diff \| blob \| blame \| history
src/util/vircgroupbackend.h		diff \| blob \| blame \| history
src/util/vircgroupv1.c		diff \| blob \| blame \| history
src/util/vircgroupv2.c		diff \| blob \| blame \| history