On Tue, Dec 22, 2009 at 06:21:16PM +0100, Jiri Denemark wrote:
>
> Signed-off-by: Jiri Denemark <jdenemar@xxxxxxxxxx>
> ---
> src/qemu/libvirtd_qemu.aug | 1 +
> src/qemu/qemu.conf | 6 ++++++
> src/qemu/qemu_conf.c | 4 ++++
> src/qemu/qemu_conf.h | 2 ++
> src/qemu/qemu_driver.c | 6 +++++-
> src/qemu/test_libvirtd_qemu.aug | 6 +++++-
> 6 files changed, 23 insertions(+), 2 deletions(-)
>
> diff --git a/src/qemu/libvirtd_qemu.aug b/src/qemu/libvirtd_qemu.aug
> index f0b2a5e..ef75421 100644
> --- a/src/qemu/libvirtd_qemu.aug
> +++ b/src/qemu/libvirtd_qemu.aug
> @@ -36,6 +36,7 @@ module Libvirtd_qemu =
> | str_array_entry "cgroup_device_acl"
> | str_entry "save_image_format"
> | str_entry "hugetlbfs_mount"
> + | bool_entry "relaxed_acs_check"
>
> (* Each enty in the config is one of the following three ... *)
> let entry = vnc_entry
> diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
> index 2129bae..1078963 100644
> --- a/src/qemu/qemu.conf
> +++ b/src/qemu/qemu.conf
> @@ -157,3 +157,9 @@
> # This currently requires ebtables to be installed.
> #
> # mac_filter = 1
> +
> +# By default, PCI devices below non-ACS switch are not allowed to be assigned
> +# to guests. By setting relaxed_acs_check to 1 such devices will be allowed to
> +# be assigned to guests.
> +#
> +# relaxed_acs_check = 1
Okay. Really all this should be done in hardware and this is extra
pollution in the config file until this get solved or we manage to
build a proper white list. But at this point that's the best solution.
> diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
> index f53c1f7..3d4bc4c 100644
> --- a/src/qemu/qemu_conf.c
> +++ b/src/qemu/qemu_conf.c
> @@ -340,6 +340,10 @@ int qemudLoadDriverConfig(struct qemud_driver *driver,
> }
> }
>
> + p = virConfGetValue (conf, "relaxed_acs_check");
> + CHECK_TYPE ("relaxed_acs_check", VIR_CONF_LONG);
> + if (p) driver->relaxedACS = p->l;
> +
> virConfFree (conf);
> return 0;
> }
> diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
> index 209cd31..befa20f 100644
> --- a/src/qemu/qemu_conf.h
> +++ b/src/qemu/qemu_conf.h
> @@ -121,6 +121,8 @@ struct qemud_driver {
> unsigned int macFilter : 1;
> ebtablesContext *ebtables;
>
> + unsigned int relaxedACS : 1;
> +
> virCapsPtr caps;
>
> /* An array of callbacks */
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index a6a1a5a..7d42e6f 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
> @@ -1813,6 +1813,9 @@ qemuPrepareHostDevices(virConnectPtr conn,
>
> for (i = 0; i < pciDeviceListCount(pcidevs); i++) {
> pciDevice *dev = pciDeviceListGet(pcidevs, i);
> + if (!pciDeviceIsAssignable(conn, dev, !driver->relaxedACS))
> + goto cleanup;
> +
Okay, that where we hook up with patch 1
> if (pciDeviceGetManaged(dev) &&
> pciDettachDevice(conn, dev) < 0)
> goto cleanup;
> @@ -5298,7 +5301,8 @@ static int qemudDomainAttachHostPciDevice(virConnectPtr conn,
> if (!pci)
> return -1;
>
> - if ((hostdev->managed && pciDettachDevice(conn, pci) < 0) ||
> + if (!pciDeviceIsAssignable(conn, pci, !driver->relaxedACS) ||
> + (hostdev->managed && pciDettachDevice(conn, pci) < 0) ||
> pciResetDevice(conn, pci, driver->activePciHostdevs) < 0) {
> pciFreeDevice(conn, pci);
> return -1;
> diff --git a/src/qemu/test_libvirtd_qemu.aug b/src/qemu/test_libvirtd_qemu.aug
> index ac89438..e9abbb4 100644
> --- a/src/qemu/test_libvirtd_qemu.aug
> +++ b/src/qemu/test_libvirtd_qemu.aug
> @@ -93,6 +93,8 @@ cgroup_device_acl = [ \"/dev/null\", \"/dev/full\", \"/dev/zero\" ]
> save_image_format = \"gzip\"
>
> hugetlbfs_mount = \"/dev/hugepages\"
> +
> +relaxed_acs_check = 1
> "
>
> test Libvirtd_qemu.lns get conf =
> @@ -195,4 +197,6 @@ hugetlbfs_mount = \"/dev/hugepages\"
> { "#empty" }
> { "save_image_format" = "gzip" }
> { "#empty" }
> -{ "hugetlbfs_mount" = "/dev/hugepages" }
> \ No newline at end of file
> +{ "hugetlbfs_mount" = "/dev/hugepages" }
> +{ "#empty" }
> +{ "relaxed_acs_check" = "1" }
ACK, thanks !
Daniel
--
Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/
daniel@xxxxxxxxxxxx | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library http://libvirt.org/
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list