qemu: Introduce functions for input device cgroup manipulation

author Ján Tomko <jtomko@redhat.com>

Tue, 21 Nov 2017 12:33:07 +0000 (13:33 +0100)

committer Ján Tomko <jtomko@redhat.com>

Fri, 24 Nov 2017 16:38:51 +0000 (17:38 +0100)
author Ján Tomko <jtomko@redhat.com>
Tue, 21 Nov 2017 12:33:07 +0000 (13:33 +0100)
committer Ján Tomko <jtomko@redhat.com>
Fri, 24 Nov 2017 16:38:51 +0000 (17:38 +0100)
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c

index 0f75e22f98541a98e73cd8aa400a44a17509ff8f..19252ea2396dd44837454152bae06d642a19b7c6 100644 (file)
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -246,7 +246,7 @@ qemuSetupTPMCgroup(virDomainObjPtr vm)
  }
  
  
-static int
+int
  qemuSetupInputCgroup(virDomainObjPtr vm,
                       virDomainInputDefPtr dev)
  {
@@ -269,6 +269,29 @@ qemuSetupInputCgroup(virDomainObjPtr vm,
  }
  
  
+int
+qemuTeardownInputCgroup(virDomainObjPtr vm,
+                        virDomainInputDefPtr dev)
+{
+    qemuDomainObjPrivatePtr priv = vm->privateData;
+    int ret = 0;
+
+    if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICES))
+        return 0;
+
+    switch (dev->type) {
+    case VIR_DOMAIN_INPUT_TYPE_PASSTHROUGH:
+        VIR_DEBUG("Process path '%s' for input device", dev->source.evdev);
+        ret = virCgroupDenyDevicePath(priv->cgroup, dev->source.evdev,
+                                      VIR_CGROUP_DEVICE_RWM, false);
+        virDomainAuditCgroupPath(vm, priv->cgroup, "deny", dev->source.evdev, "rwm", ret == 0);
+        break;
+    }
+
+    return ret;
+}
+
+
  int
  qemuSetupHostdevCgroup(virDomainObjPtr vm,
                         virDomainHostdevDefPtr dev)
diff --git a/src/qemu/qemu_cgroup.h b/src/qemu/qemu_cgroup.h

index 3fc1583612e17ffeef41b4dfe1c5bc27d01cd4a3..3b8ff6055da7b35939d19947c6916510753d5cfd 100644 (file)
--- a/src/qemu/qemu_cgroup.h
+++ b/src/qemu/qemu_cgroup.h
@@ -37,6 +37,10 @@ int qemuSetupDiskCgroup(virDomainObjPtr vm,
                          virDomainDiskDefPtr disk);
  int qemuTeardownDiskCgroup(virDomainObjPtr vm,
                             virDomainDiskDefPtr disk);
+int qemuSetupInputCgroup(virDomainObjPtr vm,
+                         virDomainInputDefPtr dev);
+int qemuTeardownInputCgroup(virDomainObjPtr vm,
+                            virDomainInputDefPtr dev);
  int qemuSetupHostdevCgroup(virDomainObjPtr vm,
                             virDomainHostdevDefPtr dev)
     ATTRIBUTE_RETURN_CHECK;
author	Ján Tomko <jtomko@redhat.com>
	Tue, 21 Nov 2017 12:33:07 +0000 (13:33 +0100)
committer	Ján Tomko <jtomko@redhat.com>
	Fri, 24 Nov 2017 16:38:51 +0000 (17:38 +0100)
src/qemu/qemu_cgroup.c		patch \| blob \| blame \| history
src/qemu/qemu_cgroup.h		patch \| blob \| blame \| history