qemu: add passed-through input devs to cgroup ACL

author Ján Tomko <jtomko@redhat.com>

Thu, 19 Nov 2015 13:32:22 +0000 (14:32 +0100)

committer Ján Tomko <jtomko@redhat.com>

Mon, 30 Nov 2015 11:59:10 +0000 (12:59 +0100)
author Ján Tomko <jtomko@redhat.com>
Thu, 19 Nov 2015 13:32:22 +0000 (14:32 +0100)
committer Ján Tomko <jtomko@redhat.com>
Mon, 30 Nov 2015 11:59:10 +0000 (12:59 +0100)
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c

index 2e6902431489fea2253a11ea2b989ea68e1558f6..b52ce3ae5e580905bb8bad127e226146af8858fd 100644 (file)
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -197,6 +197,26 @@ qemuSetupTPMCgroup(virDomainObjPtr vm)
  }
  
  
+static int
+qemuSetupInputCgroup(virDomainObjPtr vm,
+                     virDomainInputDefPtr dev)
+{
+    qemuDomainObjPrivatePtr priv = vm->privateData;
+    int ret = 0;
+
+    switch (dev->type) {
+    case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
+        VIR_DEBUG("Process path '%s' for input device", dev->source.evdev);
+        ret = virCgroupAllowDevicePath(priv->cgroup, dev->source.evdev,
+                                       VIR_CGROUP_DEVICE_RW);
+        virDomainAuditCgroupPath(vm, priv->cgroup, "allow", dev->source.evdev, "rw", ret == 0);
+        break;
+    }
+
+    return ret;
+}
+
+
  static int
  qemuSetupHostUSBDeviceCgroup(virUSBDevicePtr dev ATTRIBUTE_UNUSED,
                               const char *path,
@@ -591,6 +611,11 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
              goto cleanup;
      }
  
+    for (i = 0; i < vm->def->ninputs; i++) {
+        if (qemuSetupInputCgroup(vm, vm->def->inputs[i]) < 0)
+            goto cleanup;
+    }
+
      for (i = 0; i < vm->def->nrngs; i++) {
          if (vm->def->rngs[i]->backend == VIR_DOMAIN_RNG_BACKEND_RANDOM) {
              VIR_DEBUG("Setting Cgroup ACL for RNG device");
author	Ján Tomko <jtomko@redhat.com>
	Thu, 19 Nov 2015 13:32:22 +0000 (14:32 +0100)
committer	Ján Tomko <jtomko@redhat.com>
	Mon, 30 Nov 2015 11:59:10 +0000 (12:59 +0100)