External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-03-07 17:28:15 +00:00
Code

qemu: Allow nvdimm in devices CGroups

Browse Source 
Some users might want to pass a blockdev or a chardev as a
backend for NVDIMM. In fact, this is expected to be the mostly
used configuration. Therefore libvirt should allow the device in
devices CGroup then.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
This commit is contained in:
Michal Privoznik 2017-02-22 16:33:12 +01:00
parent 78612aa597
commit 6e95abb446
3 changed files with 63 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
src/qemu/qemu_cgroup.c
View File

@ -348,6 +348,50 @@ qemuTeardownHostdevCgroup(virDomainObjPtr vm,
} }
int
qemuSetupMemoryDevicesCgroup(virDomainObjPtr vm,
virDomainMemoryDefPtr mem)
{
qemuDomainObjPrivatePtr priv = vm->privateData;
int rv;
if (mem->model != VIR_DOMAIN_MEMORY_MODEL_NVDIMM)
return 0;
if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICES))
return 0;
VIR_DEBUG("Setting devices Cgroup for NVDIMM device: %s", mem->nvdimmPath);
rv = virCgroupAllowDevicePath(priv->cgroup, mem->nvdimmPath,
VIR_CGROUP_DEVICE_RW, false);
virDomainAuditCgroupPath(vm, priv->cgroup, "allow",
mem->nvdimmPath, "rw", rv == 0);
return rv;
}
int
qemuTeardownMemoryDevicesCgroup(virDomainObjPtr vm,
virDomainMemoryDefPtr mem)
{
qemuDomainObjPrivatePtr priv = vm->privateData;
int rv;
if (mem->model != VIR_DOMAIN_MEMORY_MODEL_NVDIMM)
return 0;
if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICES))
return 0;
rv = virCgroupDenyDevicePath(priv->cgroup, mem->nvdimmPath,
VIR_CGROUP_DEVICE_RWM, false);
virDomainAuditCgroupPath(vm, priv->cgroup,
"deny", mem->nvdimmPath, "rwm", rv == 0);
return rv;
}
static int static int
qemuSetupGraphicsCgroup(virDomainObjPtr vm, qemuSetupGraphicsCgroup(virDomainObjPtr vm,
virDomainGraphicsDefPtr gfx) virDomainGraphicsDefPtr gfx)
@ -647,6 +691,11 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
goto cleanup; goto cleanup;
} }
for (i = 0; i < vm->def->nmems; i++) {
if (qemuSetupMemoryDevicesCgroup(vm, vm->def->mems[i]) < 0)
goto cleanup;
}
for (i = 0; i < vm->def->ngraphics; i++) { for (i = 0; i < vm->def->ngraphics; i++) {
if (qemuSetupGraphicsCgroup(vm, vm->def->graphics[i]) < 0) if (qemuSetupGraphicsCgroup(vm, vm->def->graphics[i]) < 0)
goto cleanup; goto cleanup;

4
src/qemu/qemu_cgroup.h
View File

@ -43,6 +43,10 @@ int qemuSetupHostdevCgroup(virDomainObjPtr vm,
int qemuTeardownHostdevCgroup(virDomainObjPtr vm, int qemuTeardownHostdevCgroup(virDomainObjPtr vm,
virDomainHostdevDefPtr dev) virDomainHostdevDefPtr dev)
ATTRIBUTE_RETURN_CHECK; ATTRIBUTE_RETURN_CHECK;
int qemuSetupMemoryDevicesCgroup(virDomainObjPtr vm,
virDomainMemoryDefPtr mem);
int qemuTeardownMemoryDevicesCgroup(virDomainObjPtr vm,
virDomainMemoryDefPtr mem);
int qemuSetupRNGCgroup(virDomainObjPtr vm, int qemuSetupRNGCgroup(virDomainObjPtr vm,
virDomainRNGDefPtr rng); virDomainRNGDefPtr rng);
int qemuTeardownRNGCgroup(virDomainObjPtr vm, int qemuTeardownRNGCgroup(virDomainObjPtr vm,

10
src/qemu/qemu_hotplug.c
View File

@ -2216,6 +2216,7 @@ qemuDomainAttachMemory(virQEMUDriverPtr driver,
const char *backendType; const char *backendType;
bool objAdded = false; bool objAdded = false;
bool teardownlabel = false; bool teardownlabel = false;
bool teardowncgroup = false;
virJSONValuePtr props = NULL; virJSONValuePtr props = NULL;
virObjectEventPtr event; virObjectEventPtr event;
int id; int id;
@ -2245,6 +2246,10 @@ qemuDomainAttachMemory(virQEMUDriverPtr driver,
priv->qemuCaps, vm->def, mem, NULL, true) < 0) priv->qemuCaps, vm->def, mem, NULL, true) < 0)
goto cleanup; goto cleanup;
if (qemuSetupMemoryDevicesCgroup(vm, mem) < 0)
goto cleanup;
teardowncgroup = true;
if (qemuSecuritySetMemoryLabel(driver, vm, mem) < 0) if (qemuSecuritySetMemoryLabel(driver, vm, mem) < 0)
goto cleanup; goto cleanup;
teardownlabel = true; teardownlabel = true;
@ -2290,6 +2295,8 @@ qemuDomainAttachMemory(virQEMUDriverPtr driver,
virDomainAuditMemory(vm, oldmem, newmem, "update", ret == 0); virDomainAuditMemory(vm, oldmem, newmem, "update", ret == 0);
cleanup: cleanup:
if (mem && ret < 0) { if (mem && ret < 0) {
if (teardowncgroup && qemuTeardownMemoryDevicesCgroup(vm, mem) < 0)
VIR_WARN("Unable to remove memory device cgroup ACL on hotplug fail");
if (teardownlabel && qemuSecurityRestoreMemoryLabel(driver, vm, mem) < 0) if (teardownlabel && qemuSecurityRestoreMemoryLabel(driver, vm, mem) < 0)
VIR_WARN("Unable to restore security label on memdev"); VIR_WARN("Unable to restore security label on memdev");
} }
@ -3758,6 +3765,9 @@ qemuDomainRemoveMemoryDevice(virQEMUDriverPtr driver,
if (qemuSecurityRestoreMemoryLabel(driver, vm, mem) < 0) if (qemuSecurityRestoreMemoryLabel(driver, vm, mem) < 0)
VIR_WARN("Unable to restore security label on memdev"); VIR_WARN("Unable to restore security label on memdev");
if (qemuTeardownMemoryDevicesCgroup(vm, mem) < 0)
VIR_WARN("Unable to remove memory device cgroup ACL");
virDomainMemoryDefFree(mem); virDomainMemoryDefFree(mem);
/* fix the balloon size */ /* fix the balloon size */