External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-01-05 12:35:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

vircgroup: extract virCgroupV1(Allow|Deny)AllDevices

Browse Source 
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
This commit is contained in:
Pavel Hrdina 2018-09-05 20:10:02 +02:00
parent 8cbb0c76ba
commit fd9a0368b9
3 changed files with 42 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/util/vircgroup.c
View File

@ -1818,10 +1818,7 @@ virCgroupGetCpusetCpus(virCgroupPtr group, char **cpus)
int int
virCgroupDenyAllDevices(virCgroupPtr group) virCgroupDenyAllDevices(virCgroupPtr group)
{ {
return virCgroupSetValueStr(group, VIR_CGROUP_BACKEND_CALL(group, denyAllDevices, -1);
VIR_CGROUP_CONTROLLER_DEVICES,
"devices.deny",
"a");
} }
/** /**
@ -1841,18 +1838,7 @@ virCgroupDenyAllDevices(virCgroupPtr group)
int int
virCgroupAllowAllDevices(virCgroupPtr group, int perms) virCgroupAllowAllDevices(virCgroupPtr group, int perms)
{ {
int ret = -1; VIR_CGROUP_BACKEND_CALL(group, allowAllDevices, -1, perms);
if (virCgroupAllowDevice(group, 'b', -1, -1, perms) < 0)
goto cleanup;
if (virCgroupAllowDevice(group, 'c', -1, -1, perms) < 0)
goto cleanup;
ret = 0;
cleanup:
return ret;
} }

9
src/util/vircgroupbackend.h
View File

@ -269,6 +269,13 @@ typedef int
int minor, int minor,
int perms); int perms);
typedef int
(*virCgroupAllowAllDevicesCB)(virCgroupPtr group,
int perms);
typedef int
(*virCgroupDenyAllDevicesCB)(virCgroupPtr group);
struct _virCgroupBackend { struct _virCgroupBackend {
virCgroupBackendType type; virCgroupBackendType type;
@ -321,6 +328,8 @@ struct _virCgroupBackend {
virCgroupAllowDeviceCB allowDevice; virCgroupAllowDeviceCB allowDevice;
virCgroupDenyDeviceCB denyDevice; virCgroupDenyDeviceCB denyDevice;
virCgroupAllowAllDevicesCB allowAllDevices;
virCgroupDenyAllDevicesCB denyAllDevices;
}; };
typedef struct _virCgroupBackend virCgroupBackend; typedef struct _virCgroupBackend virCgroupBackend;
typedef virCgroupBackend *virCgroupBackendPtr; typedef virCgroupBackend *virCgroupBackendPtr;

31
src/util/vircgroupv1.c
View File

@ -1736,6 +1736,35 @@ virCgroupV1DenyDevice(virCgroupPtr group,
} }
static int
virCgroupV1AllowAllDevices(virCgroupPtr group,
int perms)
{
int ret = -1;
if (virCgroupV1AllowDevice(group, 'b', -1, -1, perms) < 0)
goto cleanup;
if (virCgroupV1AllowDevice(group, 'c', -1, -1, perms) < 0)
goto cleanup;
ret = 0;
cleanup:
return ret;
}
static int
virCgroupV1DenyAllDevices(virCgroupPtr group)
{
return virCgroupSetValueStr(group,
VIR_CGROUP_CONTROLLER_DEVICES,
"devices.deny",
"a");
}
virCgroupBackend virCgroupV1Backend = { virCgroupBackend virCgroupV1Backend = {
.type = VIR_CGROUP_BACKEND_TYPE_V1, .type = VIR_CGROUP_BACKEND_TYPE_V1,
@ -1786,6 +1815,8 @@ virCgroupBackend virCgroupV1Backend = {
.allowDevice = virCgroupV1AllowDevice, .allowDevice = virCgroupV1AllowDevice,
.denyDevice = virCgroupV1DenyDevice, .denyDevice = virCgroupV1DenyDevice,
.allowAllDevices = virCgroupV1AllowAllDevices,
.denyAllDevices = virCgroupV1DenyAllDevices,
}; };