On Tue, Apr 03, 2018 at 11:03:26 +0200, Michal Privoznik wrote: > https://bugzilla.redhat.com/show_bug.cgi?id=1557769 > > Problem with device mapper targets is that there can be several > other devices 'hidden' behind them. For instance, /dev/dm-1 can > consist of /dev/sda, /dev/sdb and /dev/sdc. Therefore, when > setting up devices CGroup and namespaces we have to take this > into account. > > Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx> > --- > libvirt.spec.in | 2 ++ > src/qemu/qemu_cgroup.c | 69 +++++++++++++++++++++++++++++++++++++++++++------- > 2 files changed, 62 insertions(+), 9 deletions(-) [...] > @@ -71,12 +75,35 @@ qemuSetupImagePathCgroup(virDomainObjPtr vm, > VIR_DEBUG("Allow path %s, perms: %s", > path, virCgroupGetDevicePermsString(perms)); > > - ret = virCgroupAllowDevicePath(priv->cgroup, path, perms, true); > + rv = virCgroupAllowDevicePath(priv->cgroup, path, perms, true); So this returns 1 if 'path' is not a char or block device ... > > virDomainAuditCgroupPath(vm, priv->cgroup, "allow", path, > virCgroupGetDevicePermsString(perms), > - ret); > + rv); > + if (rv < 0) > + goto cleanup; > > + if (virDevMapperGetTargets(path, &targetPaths) < 0 && > + errno != ENOSYS && errno != EBADF) { > + virReportSystemError(errno, So in that case this is definitely not necessary and should be skipped.
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
