qemu, libxl, hypervisor: use virDomainDriverNodeDeviceDetachFlags() helper

libxlNodeDeviceDetachFlags() and qemuNodeDeviceDetachFlags() are mostly
equal, aside from how the virHostdevmanager pointer is retrieved and
the PCI stub driver used.

Now that the PCI stub driver verification is done early in both functions,
we can use the virDomainDriverNodeDeviceDetachFlags() helper to reduce
code duplication between them. 'driverName' is checked inside the helper
to set the appropriate stub driver.

The helper is named with the 'Flags' suffix, even when the helper itself
isn't receiving the flags from the callers, to be compliant with the
ACL function virNodeDeviceDetachFlagsEnsureACL() that is being called
inside it and was called from the original functions. Renaming the helper
would implicate in renaming REMOTE_PROC_NODE_DEVICE_DETACH_FLAGS, and all the
related structs inside remote_protocol.x, to be compliant with the ACL
rules.

This is not being checked at this moment, but we'll fix check-aclrules.py to
verify all the helpers that calls ACL functions in domain_driver.c shortly.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel Henrique Barboza <danielhb413@gmail.com>
This commit is contained in:
Daniel Henrique Barboza 2021-01-30 14:23:41 -03:00
parent 76f4788932
commit 887dd0d331
5 changed files with 71 additions and 96 deletions

View File

@ -459,3 +459,63 @@ virDomainDriverNodeDeviceReAttach(virNodeDevicePtr dev,
return virHostdevPCINodeDeviceReAttach(hostdevMgr, pci); return virHostdevPCINodeDeviceReAttach(hostdevMgr, pci);
} }
int
virDomainDriverNodeDeviceDetachFlags(virNodeDevicePtr dev,
virHostdevManagerPtr hostdevMgr,
const char *driverName)
{
virPCIDevicePtr pci = NULL;
virPCIDeviceAddress devAddr;
int ret = -1;
virNodeDeviceDefPtr def = NULL;
g_autofree char *xml = NULL;
virConnectPtr nodeconn = NULL;
virNodeDevicePtr nodedev = NULL;
if (!driverName)
return -1;
if (!(nodeconn = virGetConnectNodeDev()))
goto cleanup;
/* 'dev' is associated with virConnectPtr, so for split
* daemons, we need to get a copy that is associated with
* the virnodedevd daemon. */
if (!(nodedev = virNodeDeviceLookupByName(nodeconn,
virNodeDeviceGetName(dev))))
goto cleanup;
xml = virNodeDeviceGetXMLDesc(nodedev, 0);
if (!xml)
goto cleanup;
def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL);
if (!def)
goto cleanup;
/* ACL check must happen against original 'dev',
* not the new 'nodedev' we acquired */
if (virNodeDeviceDetachFlagsEnsureACL(dev->conn, def) < 0)
goto cleanup;
if (virDomainDriverNodeDeviceGetPCIInfo(def, &devAddr) < 0)
goto cleanup;
pci = virPCIDeviceNew(&devAddr);
if (!pci)
goto cleanup;
if (STREQ(driverName, "vfio"))
virPCIDeviceSetStubDriver(pci, VIR_PCI_STUB_DRIVER_VFIO);
else if (STREQ(driverName, "xen"))
virPCIDeviceSetStubDriver(pci, VIR_PCI_STUB_DRIVER_XEN);
ret = virHostdevPCINodeDeviceDetach(hostdevMgr, pci);
cleanup:
virPCIDeviceFree(pci);
virNodeDeviceDefFree(def);
virObjectUnref(nodedev);
virObjectUnref(nodeconn);
return ret;
}

View File

@ -56,3 +56,7 @@ int virDomainDriverNodeDeviceReset(virNodeDevicePtr dev,
int virDomainDriverNodeDeviceReAttach(virNodeDevicePtr dev, int virDomainDriverNodeDeviceReAttach(virNodeDevicePtr dev,
virHostdevManagerPtr hostdevMgr); virHostdevManagerPtr hostdevMgr);
int virDomainDriverNodeDeviceDetachFlags(virNodeDevicePtr dev,
virHostdevManagerPtr hostdevMgr,
const char *driverName);

View File

@ -1507,6 +1507,7 @@ virDomainCgroupSetupMemtune;
virDomainDriverGenerateMachineName; virDomainDriverGenerateMachineName;
virDomainDriverGenerateRootHash; virDomainDriverGenerateRootHash;
virDomainDriverMergeBlkioDevice; virDomainDriverMergeBlkioDevice;
virDomainDriverNodeDeviceDetachFlags;
virDomainDriverNodeDeviceGetPCIInfo; virDomainDriverNodeDeviceGetPCIInfo;
virDomainDriverNodeDeviceReAttach; virDomainDriverNodeDeviceReAttach;
virDomainDriverNodeDeviceReset; virDomainDriverNodeDeviceReset;

View File

@ -5772,15 +5772,8 @@ libxlNodeDeviceDetachFlags(virNodeDevicePtr dev,
const char *driverName, const char *driverName,
unsigned int flags) unsigned int flags)
{ {
virPCIDevicePtr pci = NULL;
virPCIDeviceAddress devAddr;
int ret = -1;
virNodeDeviceDefPtr def = NULL;
g_autofree char *xml = NULL;
libxlDriverPrivatePtr driver = dev->conn->privateData; libxlDriverPrivatePtr driver = dev->conn->privateData;
virHostdevManagerPtr hostdev_mgr = driver->hostdevMgr; virHostdevManagerPtr hostdev_mgr = driver->hostdevMgr;
virConnectPtr nodeconn = NULL;
virNodeDevicePtr nodedev = NULL;
virCheckFlags(0, -1); virCheckFlags(0, -1);
@ -5790,49 +5783,9 @@ libxlNodeDeviceDetachFlags(virNodeDevicePtr dev,
return -1; return -1;
} }
if (!(nodeconn = virGetConnectNodeDev())) /* virNodeDeviceDetachFlagsEnsureACL() is being called by
goto cleanup; * virDomainDriverNodeDeviceDetachFlags() */
return virDomainDriverNodeDeviceDetachFlags(dev, hostdev_mgr, driverName);
/* 'dev' is associated with the QEMU virConnectPtr,
* so for split daemons, we need to get a copy that
* is associated with the virnodedevd daemon.
*/
if (!(nodedev = virNodeDeviceLookupByName(nodeconn,
virNodeDeviceGetName(dev))))
goto cleanup;
xml = virNodeDeviceGetXMLDesc(nodedev, 0);
if (!xml)
goto cleanup;
def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL);
if (!def)
goto cleanup;
/* ACL check must happen against original 'dev',
* not the new 'nodedev' we acquired */
if (virNodeDeviceDetachFlagsEnsureACL(dev->conn, def) < 0)
goto cleanup;
if (virDomainDriverNodeDeviceGetPCIInfo(def, &devAddr) < 0)
goto cleanup;
pci = virPCIDeviceNew(&devAddr);
if (!pci)
goto cleanup;
virPCIDeviceSetStubDriver(pci, VIR_PCI_STUB_DRIVER_XEN);
if (virHostdevPCINodeDeviceDetach(hostdev_mgr, pci) < 0)
goto cleanup;
ret = 0;
cleanup:
virPCIDeviceFree(pci);
virNodeDeviceDefFree(def);
virObjectUnref(nodedev);
virObjectUnref(nodeconn);
return ret;
} }
static int static int

View File

@ -11998,15 +11998,8 @@ qemuNodeDeviceDetachFlags(virNodeDevicePtr dev,
unsigned int flags) unsigned int flags)
{ {
virQEMUDriverPtr driver = dev->conn->privateData; virQEMUDriverPtr driver = dev->conn->privateData;
virPCIDevicePtr pci = NULL;
virPCIDeviceAddress devAddr;
int ret = -1;
virNodeDeviceDefPtr def = NULL;
g_autofree char *xml = NULL;
bool vfio = qemuHostdevHostSupportsPassthroughVFIO(); bool vfio = qemuHostdevHostSupportsPassthroughVFIO();
virHostdevManagerPtr hostdev_mgr = driver->hostdevMgr; virHostdevManagerPtr hostdev_mgr = driver->hostdevMgr;
virConnectPtr nodeconn = NULL;
virNodeDevicePtr nodedev = NULL;
virCheckFlags(0, -1); virCheckFlags(0, -1);
@ -12029,46 +12022,10 @@ qemuNodeDeviceDetachFlags(virNodeDevicePtr dev,
return -1; return -1;
} }
if (!(nodeconn = virGetConnectNodeDev()))
goto cleanup;
/* 'dev' is associated with the QEMU virConnectPtr, /* virNodeDeviceDetachFlagsEnsureACL() is being called by
* so for split daemons, we need to get a copy that * virDomainDriverNodeDeviceDetachFlags() */
* is associated with the virnodedevd daemon. return virDomainDriverNodeDeviceDetachFlags(dev, hostdev_mgr, driverName);
*/
if (!(nodedev = virNodeDeviceLookupByName(nodeconn,
virNodeDeviceGetName(dev))))
goto cleanup;
xml = virNodeDeviceGetXMLDesc(nodedev, 0);
if (!xml)
goto cleanup;
def = virNodeDeviceDefParseString(xml, EXISTING_DEVICE, NULL);
if (!def)
goto cleanup;
/* ACL check must happen against original 'dev',
* not the new 'nodedev' we acquired */
if (virNodeDeviceDetachFlagsEnsureACL(dev->conn, def) < 0)
goto cleanup;
if (virDomainDriverNodeDeviceGetPCIInfo(def, &devAddr) < 0)
goto cleanup;
pci = virPCIDeviceNew(&devAddr);
if (!pci)
goto cleanup;
virPCIDeviceSetStubDriver(pci, VIR_PCI_STUB_DRIVER_VFIO);
ret = virHostdevPCINodeDeviceDetach(hostdev_mgr, pci);
cleanup:
virPCIDeviceFree(pci);
virNodeDeviceDefFree(def);
virObjectUnref(nodedev);
virObjectUnref(nodeconn);
return ret;
} }
static int static int