mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-03-07 17:28:15 +00:00
util: cgroup: Drop virCgroup(Allow|Deny)DeviceMajor
Since commit 47e5b5ae virCgroupAllowDevice allows to pass -1 as either the minor or major device number and it automatically uses '*' in place of that. Reuse the new approach through the code and drop the duplicated functions.
This commit is contained in:
parent
f42b5c327f
commit
9cd5da710e
@ -1189,7 +1189,6 @@ virCgroupAddTask;
|
||||
virCgroupAddTaskController;
|
||||
virCgroupAllowAllDevices;
|
||||
virCgroupAllowDevice;
|
||||
virCgroupAllowDeviceMajor;
|
||||
virCgroupAllowDevicePath;
|
||||
virCgroupAvailable;
|
||||
virCgroupBindMount;
|
||||
@ -1198,7 +1197,6 @@ virCgroupControllerTypeFromString;
|
||||
virCgroupControllerTypeToString;
|
||||
virCgroupDenyAllDevices;
|
||||
virCgroupDenyDevice;
|
||||
virCgroupDenyDeviceMajor;
|
||||
virCgroupDenyDevicePath;
|
||||
virCgroupDetectMountsFromFile;
|
||||
virCgroupFree;
|
||||
|
@ -466,8 +466,8 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
|
||||
}
|
||||
}
|
||||
|
||||
if (virCgroupAllowDeviceMajor(cgroup, 'c', LXC_DEV_MAJ_PTY,
|
||||
VIR_CGROUP_DEVICE_RWM) < 0)
|
||||
if (virCgroupAllowDevice(cgroup, 'c', LXC_DEV_MAJ_PTY, -1,
|
||||
VIR_CGROUP_DEVICE_RWM) < 0)
|
||||
goto cleanup;
|
||||
|
||||
VIR_DEBUG("Device whitelist complete");
|
||||
|
@ -558,8 +558,8 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
rv = virCgroupAllowDeviceMajor(priv->cgroup, 'c', DEVICE_PTY_MAJOR,
|
||||
VIR_CGROUP_DEVICE_RW);
|
||||
rv = virCgroupAllowDevice(priv->cgroup, 'c', DEVICE_PTY_MAJOR, -1,
|
||||
VIR_CGROUP_DEVICE_RW);
|
||||
virDomainAuditCgroupMajor(vm, priv->cgroup, "allow", DEVICE_PTY_MAJOR,
|
||||
"pty", "rw", rv == 0);
|
||||
if (rv < 0)
|
||||
@ -576,8 +576,8 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
|
||||
((vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
|
||||
cfg->vncAllowHostAudio) ||
|
||||
(vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL))))) {
|
||||
rv = virCgroupAllowDeviceMajor(priv->cgroup, 'c', DEVICE_SND_MAJOR,
|
||||
VIR_CGROUP_DEVICE_RW);
|
||||
rv = virCgroupAllowDevice(priv->cgroup, 'c', DEVICE_SND_MAJOR, -1,
|
||||
VIR_CGROUP_DEVICE_RW);
|
||||
virDomainAuditCgroupMajor(vm, priv->cgroup, "allow", DEVICE_SND_MAJOR,
|
||||
"sound", "rw", rv == 0);
|
||||
if (rv < 0)
|
||||
|
@ -2980,41 +2980,6 @@ virCgroupAllowDevice(virCgroupPtr group, char type, int major, int minor,
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* virCgroupAllowDeviceMajor:
|
||||
*
|
||||
* @group: The cgroup to allow an entire device major type for
|
||||
* @type: The device type (i.e., 'c' or 'b')
|
||||
* @major: The major number of the device type
|
||||
* @perms: Bitwise or of VIR_CGROUP_DEVICE permission bits to allow
|
||||
*
|
||||
* Returns: 0 on success
|
||||
*/
|
||||
int
|
||||
virCgroupAllowDeviceMajor(virCgroupPtr group, char type, int major,
|
||||
int perms)
|
||||
{
|
||||
int ret = -1;
|
||||
char *devstr = NULL;
|
||||
|
||||
if (virAsprintf(&devstr, "%c %i:* %s", type, major,
|
||||
virCgroupGetDevicePermsString(perms)) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virCgroupSetValueStr(group,
|
||||
VIR_CGROUP_CONTROLLER_DEVICES,
|
||||
"devices.allow",
|
||||
devstr) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
VIR_FREE(devstr);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* virCgroupAllowDevicePath:
|
||||
*
|
||||
@ -3099,41 +3064,6 @@ virCgroupDenyDevice(virCgroupPtr group, char type, int major, int minor,
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* virCgroupDenyDeviceMajor:
|
||||
*
|
||||
* @group: The cgroup to deny an entire device major type for
|
||||
* @type: The device type (i.e., 'c' or 'b')
|
||||
* @major: The major number of the device type
|
||||
* @perms: Bitwise or of VIR_CGROUP_DEVICE permission bits to deny
|
||||
*
|
||||
* Returns: 0 on success
|
||||
*/
|
||||
int
|
||||
virCgroupDenyDeviceMajor(virCgroupPtr group, char type, int major,
|
||||
int perms)
|
||||
{
|
||||
int ret = -1;
|
||||
char *devstr = NULL;
|
||||
|
||||
if (virAsprintf(&devstr, "%c %i:* %s", type, major,
|
||||
virCgroupGetDevicePermsString(perms)) < 0)
|
||||
goto cleanup;
|
||||
|
||||
if (virCgroupSetValueStr(group,
|
||||
VIR_CGROUP_CONTROLLER_DEVICES,
|
||||
"devices.deny",
|
||||
devstr) < 0)
|
||||
goto cleanup;
|
||||
|
||||
ret = 0;
|
||||
|
||||
cleanup:
|
||||
VIR_FREE(devstr);
|
||||
return ret;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virCgroupDenyDevicePath(virCgroupPtr group, const char *path, int perms)
|
||||
{
|
||||
@ -4704,18 +4634,6 @@ virCgroupAllowDevice(virCgroupPtr group ATTRIBUTE_UNUSED,
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virCgroupAllowDeviceMajor(virCgroupPtr group ATTRIBUTE_UNUSED,
|
||||
char type ATTRIBUTE_UNUSED,
|
||||
int major ATTRIBUTE_UNUSED,
|
||||
int perms ATTRIBUTE_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("Control groups not supported on this platform"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virCgroupAllowDevicePath(virCgroupPtr group ATTRIBUTE_UNUSED,
|
||||
const char *path ATTRIBUTE_UNUSED,
|
||||
@ -4740,18 +4658,6 @@ virCgroupDenyDevice(virCgroupPtr group ATTRIBUTE_UNUSED,
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virCgroupDenyDeviceMajor(virCgroupPtr group ATTRIBUTE_UNUSED,
|
||||
char type ATTRIBUTE_UNUSED,
|
||||
int major ATTRIBUTE_UNUSED,
|
||||
int perms ATTRIBUTE_UNUSED)
|
||||
{
|
||||
virReportSystemError(ENOSYS, "%s",
|
||||
_("Control groups not supported on this platform"));
|
||||
return -1;
|
||||
}
|
||||
|
||||
|
||||
int
|
||||
virCgroupDenyDevicePath(virCgroupPtr group ATTRIBUTE_UNUSED,
|
||||
const char *path ATTRIBUTE_UNUSED,
|
||||
|
@ -220,10 +220,6 @@ int virCgroupAllowDevice(virCgroupPtr group,
|
||||
int major,
|
||||
int minor,
|
||||
int perms);
|
||||
int virCgroupAllowDeviceMajor(virCgroupPtr group,
|
||||
char type,
|
||||
int major,
|
||||
int perms);
|
||||
int virCgroupAllowDevicePath(virCgroupPtr group,
|
||||
const char *path,
|
||||
int perms);
|
||||
@ -233,10 +229,6 @@ int virCgroupDenyDevice(virCgroupPtr group,
|
||||
int major,
|
||||
int minor,
|
||||
int perms);
|
||||
int virCgroupDenyDeviceMajor(virCgroupPtr group,
|
||||
char type,
|
||||
int major,
|
||||
int perms);
|
||||
int virCgroupDenyDevicePath(virCgroupPtr group,
|
||||
const char *path,
|
||||
int perms);
|
||||
|
Loading…
x
Reference in New Issue
Block a user