Libvirt adds a USB controller to the guest even if the user does not specify any in the XML. This is due to back-compat reasons. To allow disabling USB for a guest this patch adds a new USB controller type "none" that disables USB support for the guest. --- Diff to v2: - added docs to formatdomain.hmtl - changed error reporting functions to global ones --- docs/formatdomain.html.in | 6 +++- docs/schemas/domaincommon.rng | 1 + src/conf/domain_conf.c | 55 ++++++++++++++++++++++++++++++++++++++++- src/conf/domain_conf.h | 1 + src/qemu/qemu_command.c | 3 +- 5 files changed, 62 insertions(+), 4 deletions(-) diff --git a/docs/formatdomain.html.in b/docs/formatdomain.html.in index b8db76e..d898eaf 100644 --- a/docs/formatdomain.html.in +++ b/docs/formatdomain.html.in @@ -1839,8 +1839,10 @@ A "usb" controller has an optional attribute <code>model</code>, which is one of "piix3-uhci", "piix4-uhci", "ehci", "ich9-ehci1", "ich9-uhci1", "ich9-uhci2", "ich9-uhci3", - "vt82c686b-uhci", "pci-ohci" or "nec-xhci". The PowerPC64 - "spapr-vio" addresses do not have an associated controller. + "vt82c686b-uhci", "pci-ohci" or "nec-xhci". Additionally, + <span class="since">since 0.9.14</span>, if the USB bus needs to be + explicitly disabled for the guest, <code>model='none'</code> may be used. + The PowerPC64 "spapr-vio" addresses do not have an associated controller. </p> <p> diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng index b7562ad..c85d763 100644 --- a/docs/schemas/domaincommon.rng +++ b/docs/schemas/domaincommon.rng @@ -1222,6 +1222,7 @@ <value>vt82c686b-uhci</value> <value>pci-ohci</value> <value>nec-xhci</value> + <value>none</value> </choice> </attribute> </optional> diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index c53722a..cf3b1c4 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -258,7 +258,8 @@ VIR_ENUM_IMPL(virDomainControllerModelUSB, VIR_DOMAIN_CONTROLLER_MODEL_USB_LAST, "ich9-uhci3", "vt82c686b-uhci", "pci-ohci", - "nec-xhci") + "nec-xhci", + "none") VIR_ENUM_IMPL(virDomainFS, VIR_DOMAIN_FS_TYPE_LAST, "mount", @@ -7917,6 +7918,8 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, virBitmapPtr bootMap = NULL; unsigned long bootMapSize = 0; xmlNodePtr cur; + bool usb_none = false; + bool usb_other = false; if (VIR_ALLOC(def) < 0) { virReportOOMError(); @@ -8642,6 +8645,27 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, if (!controller) goto error; + /* sanitize handling of "none" usb controller */ + if (controller->type == VIR_DOMAIN_CONTROLLER_TYPE_USB) { + if (controller->model == VIR_DOMAIN_CONTROLLER_MODEL_USB_NONE) { + if (usb_other || usb_none) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("Can't add another USB controller: " + "USB is disabled for this domain")); + goto error; + } + usb_none = true; + } else { + if (usb_none) { + virReportError(VIR_ERR_XML_DETAIL, "%s", + _("Can't add another USB controller: " + "USB is disabled for this domain")); + goto error; + } + usb_other = true; + } + } + virDomainControllerInsertPreAlloced(def, controller); } VIR_FREE(nodes); @@ -8916,6 +8940,13 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, if (!input) goto error; + /* Check if USB bus is required */ + if (input->bus == VIR_DOMAIN_INPUT_BUS_USB && usb_none) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't add USB input device. " + "USB bus is disabled")); + goto error; + } /* With QEMU / KVM / Xen graphics, mouse + PS/2 is implicit * with graphics, so don't store it. @@ -9043,6 +9074,14 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, if (!hostdev) goto error; + if (hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB && + usb_none) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't add USB device passthrough: " + "USB is disabled in this host")); + goto error; + } + def->hostdevs[def->nhostdevs++] = hostdev; } VIR_FREE(nodes); @@ -9112,6 +9151,13 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, if (!hub) goto error; + if (hub->type == VIR_DOMAIN_HUB_TYPE_USB && usb_none) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't add USB hub: " + "USB is disabled for this domain")); + goto error; + } + def->hubs[def->nhubs++] = hub; } VIR_FREE(nodes); @@ -9128,6 +9174,13 @@ static virDomainDefPtr virDomainDefParseXML(virCapsPtr caps, if (!redirdev) goto error; + if (redirdev->bus == VIR_DOMAIN_REDIRDEV_BUS_USB && usb_none) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Can't add USB redir device: " + "USB is disabled for this domain")); + goto error; + } + def->redirdevs[def->nredirdevs++] = redirdev; } VIR_FREE(nodes); diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 469d3b6..203eebf 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -633,6 +633,7 @@ enum virDomainControllerModelUSB { VIR_DOMAIN_CONTROLLER_MODEL_USB_VT82C686B_UHCI, VIR_DOMAIN_CONTROLLER_MODEL_USB_PCI_OHCI, VIR_DOMAIN_CONTROLLER_MODEL_USB_NEC_XHCI, + VIR_DOMAIN_CONTROLLER_MODEL_USB_NONE, VIR_DOMAIN_CONTROLLER_MODEL_USB_LAST }; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index edd1840..7127e70 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -107,7 +107,8 @@ VIR_ENUM_IMPL(qemuControllerModelUSB, VIR_DOMAIN_CONTROLLER_MODEL_USB_LAST, "ich9-usb-uhci3", "vt82c686b-usb-uhci", "pci-ohci", - "nec-usb-xhci"); + "nec-usb-xhci", + "none"); VIR_ENUM_DECL(qemuDomainFSDriver) VIR_ENUM_IMPL(qemuDomainFSDriver, VIR_DOMAIN_FS_DRIVER_TYPE_LAST, -- 1.7.8.6 -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list