[PATCH 10/23] Add support for USB host device passthrough with LXC

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Daniel P. Berrange" <berrange@xxxxxxxxxx>

This adds support for host device passthrough with the
LXC driver. Since there is only a single kernel image,
it doesn't make sense to pass through PCI devices, but
USB devices are fine. For the latter we merely need to
make the /dev/bus/usb/NNN/MMM character device exist
in the container's /dev

Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx>
---
 src/Makefile.am         |   1 +
 src/lxc/lxc_cgroup.c    |  64 ++++++++
 src/lxc/lxc_cgroup.h    |  12 ++
 src/lxc/lxc_conf.h      |   3 +
 src/lxc/lxc_container.c | 124 ++++++++++++++-
 src/lxc/lxc_driver.c    |   6 +
 src/lxc/lxc_hostdev.c   | 390 ++++++++++++++++++++++++++++++++++++++++++++++++
 src/lxc/lxc_hostdev.h   |  43 ++++++
 src/lxc/lxc_process.c   |  11 ++
 9 files changed, 653 insertions(+), 1 deletion(-)
 create mode 100644 src/lxc/lxc_hostdev.c
 create mode 100644 src/lxc/lxc_hostdev.h

diff --git a/src/Makefile.am b/src/Makefile.am
index 627dbb5..c3459a5 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -411,6 +411,7 @@ LXC_DRIVER_SOURCES =						\
 		lxc/lxc_container.c lxc/lxc_container.h		\
 		lxc/lxc_cgroup.c lxc/lxc_cgroup.h		\
 		lxc/lxc_domain.c lxc/lxc_domain.h		\
+		lxc/lxc_hostdev.c lxc/lxc_hostdev.h		\
 		lxc/lxc_monitor.c lxc/lxc_monitor.h		\
 		lxc/lxc_process.c lxc/lxc_process.h		\
 		lxc/lxc_fuse.c lxc/lxc_fuse.h			\
diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c
index 0636869..14c840a 100644
--- a/src/lxc/lxc_cgroup.c
+++ b/src/lxc/lxc_cgroup.c
@@ -291,6 +291,49 @@ struct _virLXCCgroupDevicePolicy {
 };
 
 
+int
+virLXCSetupHostUsbDeviceCgroup(usbDevice *dev ATTRIBUTE_UNUSED,
+                               const char *path,
+                               void *opaque)
+{
+    virCgroupPtr cgroup = opaque;
+    int rc;
+
+    VIR_DEBUG("Process path '%s' for USB device", path);
+    rc = virCgroupAllowDevicePath(cgroup, path,
+                                  VIR_CGROUP_DEVICE_RW);
+    if (rc < 0) {
+        virReportSystemError(-rc,
+                             _("Unable to allow device %s"),
+                             path);
+        return -1;
+    }
+
+    return 0;
+}
+
+
+int
+virLXCTeardownHostUsbDeviceCgroup(usbDevice *dev ATTRIBUTE_UNUSED,
+                                  const char *path,
+                                  void *opaque)
+{
+    virCgroupPtr cgroup = opaque;
+    int rc;
+
+    VIR_DEBUG("Process path '%s' for USB device", path);
+    rc = virCgroupDenyDevicePath(cgroup, path,
+                                 VIR_CGROUP_DEVICE_RW);
+    if (rc < 0) {
+        virReportSystemError(-rc,
+                             _("Unable to deny device %s"),
+                             path);
+        return -1;
+    }
+
+    return 0;
+}
+
 
 static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
                                       virCgroupPtr cgroup)
@@ -367,6 +410,27 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
         }
     }
 
+    for (i = 0; i < def->nhostdevs; i++) {
+        virDomainHostdevDefPtr hostdev = def->hostdevs[i];
+        usbDevice *usb;
+
+        if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
+            continue;
+        if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
+            continue;
+        if (hostdev->missing)
+            continue;
+
+        if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus,
+                                hostdev->source.subsys.u.usb.device,
+                                NULL)) == NULL)
+            goto cleanup;
+
+        if (usbDeviceFileIterate(usb, virLXCSetupHostUsbDeviceCgroup,
+                                 cgroup) < 0)
+            goto cleanup;
+    }
+
     rc = virCgroupAllowDeviceMajor(cgroup, 'c', LXC_DEV_MAJ_PTY,
                                    VIR_CGROUP_DEVICE_RWM);
     if (rc != 0) {
diff --git a/src/lxc/lxc_cgroup.h b/src/lxc/lxc_cgroup.h
index 6961943..c1d4551 100644
--- a/src/lxc/lxc_cgroup.h
+++ b/src/lxc/lxc_cgroup.h
@@ -24,7 +24,19 @@
 
 # include "domain_conf.h"
 # include "lxc_fuse.h"
+# include "hostusb.h"
 
 int virLXCCgroupSetup(virDomainDefPtr def);
 int virLXCCgroupGetMeminfo(virLXCMeminfoPtr meminfo);
+
+int
+virLXCSetupHostUsbDeviceCgroup(usbDevice *dev,
+                               const char *path,
+                               void *opaque);
+
+int
+virLXCTeardownHostUsbDeviceCgroup(usbDevice *dev,
+                                  const char *path,
+                                  void *opaque);
+
 #endif /* __VIR_LXC_CGROUP_H__ */
diff --git a/src/lxc/lxc_conf.h b/src/lxc/lxc_conf.h
index 4ae0c5e..a6872ea 100644
--- a/src/lxc/lxc_conf.h
+++ b/src/lxc/lxc_conf.h
@@ -35,6 +35,7 @@
 # include "cgroup.h"
 # include "security/security_manager.h"
 # include "configmake.h"
+# include "hostusb.h"
 
 # define LXC_DRIVER_NAME "LXC"
 
@@ -60,6 +61,8 @@ struct _virLXCDriver {
     int log_libvirtd;
     int have_netns;
 
+    usbDeviceList *activeUsbHostdevs;
+
     virDomainEventStatePtr domainEventState;
 
     char *securityDriverName;
diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c
index be26de9..0a407bf 100644
--- a/src/lxc/lxc_container.c
+++ b/src/lxc/lxc_container.c
@@ -1311,6 +1311,124 @@ static int lxcContainerSetupAllDisks(virDomainDefPtr vmDef,
 }
 
 
+static int lxcContainerSetupHostdevSubsysUSB(virDomainDefPtr vmDef ATTRIBUTE_UNUSED,
+                                             virDomainHostdevDefPtr def ATTRIBUTE_UNUSED,
+                                             const char *dstprefix ATTRIBUTE_UNUSED,
+                                             virSecurityManagerPtr securityDriver ATTRIBUTE_UNUSED)
+{
+    int ret = -1;
+    char *src = NULL;
+    char *dstdir = NULL;
+    char *dstfile = NULL;
+    struct stat sb;
+    mode_t mode;
+
+    if (virAsprintf(&dstdir, "/dev/bus/usb/%03d",
+                    def->source.subsys.u.usb.bus) < 0) {
+        virReportOOMError();
+        goto cleanup;
+    }
+
+    if (virAsprintf(&dstfile, "%s/%03d",
+                    dstdir,
+                    def->source.subsys.u.usb.device) < 0) {
+        virReportOOMError();
+        goto cleanup;
+    }
+
+    if (virAsprintf(&src, "%s/%s", dstprefix, dstfile) < 0) {
+        virReportOOMError();
+        goto cleanup;
+    }
+
+    if (stat(src, &sb) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to access %s"), src);
+        goto cleanup;
+    }
+
+    if (!S_ISCHR(sb.st_mode)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("USB source %s was not a character device"),
+                       src);
+        goto cleanup;
+    }
+
+    mode = 0700 | S_IFCHR;
+
+    if (virFileMakePath(dstdir) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to create %s"), dstdir);
+        goto cleanup;
+    }
+
+    VIR_DEBUG("Creating dev %s (%d,%d)",
+              dstfile, major(sb.st_rdev), minor(sb.st_rdev));
+    if (mknod(dstfile, mode, sb.st_rdev) < 0) {
+        virReportSystemError(errno,
+                             _("Unable to create device %s"),
+                             dstfile);
+        goto cleanup;
+    }
+
+    if (virSecurityManagerSetHostdevLabel(securityDriver, vmDef, def, NULL) < 0)
+        goto cleanup;
+
+    ret = 0;
+
+cleanup:
+    VIR_FREE(src);
+    VIR_FREE(dstfile);
+    VIR_FREE(dstdir);
+    return ret;
+}
+
+
+static int lxcContainerSetupHostdevSubsys(virDomainDefPtr vmDef,
+                                          virDomainHostdevDefPtr def,
+                                          const char *dstprefix,
+                                          virSecurityManagerPtr securityDriver)
+{
+    switch (def->source.subsys.type) {
+    case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB:
+        return lxcContainerSetupHostdevSubsysUSB(vmDef, def, dstprefix, securityDriver);
+
+    default:
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                       _("Unsupported host device mode %s"),
+                       virDomainHostdevSubsysTypeToString(def->source.subsys.type));
+        return -1;
+    }
+}
+
+
+static int lxcContainerSetupAllHostdevs(virDomainDefPtr vmDef,
+                                        const char *dstprefix,
+                                        virSecurityManagerPtr securityDriver)
+{
+    size_t i;
+    VIR_DEBUG("Setting up hostdevs %s", dstprefix);
+
+    for (i = 0 ; i < vmDef->nhostdevs ; i++) {
+        virDomainHostdevDefPtr def = vmDef->hostdevs[i];
+        switch (def->mode) {
+        case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS:
+            if (lxcContainerSetupHostdevSubsys(vmDef, def, dstprefix, securityDriver) < 0)
+                return -1;
+            break;
+        default:
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("Unsupported host device mode %s"),
+                           virDomainHostdevModeTypeToString(def->mode));
+            return -1;
+        }
+    }
+
+    VIR_DEBUG("Setup all hostdevs");
+    return 0;
+}
+
+
 static int lxcContainerGetSubtree(const char *prefix,
                                   char ***mountsret,
                                   size_t *nmountsret)
@@ -1710,7 +1828,11 @@ static int lxcContainerSetupPivotRoot(virDomainDefPtr vmDef,
     if (lxcContainerSetupAllDisks(vmDef, "/.oldroot", securityDriver) < 0)
         goto cleanup;
 
-    /* Gets rid of all remaining mounts from host OS, including /.oldroot itself */
+    /* Sets up any extra host devices from guest config */
+    if (lxcContainerSetupAllHostdevs(vmDef, "/.oldroot", securityDriver) < 0)
+        goto cleanup;
+
+   /* Gets rid of all remaining mounts from host OS, including /.oldroot itself */
     if (lxcContainerUnmountSubtree("/.oldroot", true) < 0)
         goto cleanup;
 
diff --git a/src/lxc/lxc_driver.c b/src/lxc/lxc_driver.c
index 2e9cfe4..1c6ec8c 100644
--- a/src/lxc/lxc_driver.c
+++ b/src/lxc/lxc_driver.c
@@ -42,6 +42,7 @@
 #include "lxc_container.h"
 #include "lxc_domain.h"
 #include "lxc_driver.h"
+#include "lxc_hostdev.h"
 #include "lxc_process.h"
 #include "memory.h"
 #include "util.h"
@@ -1463,6 +1464,9 @@ static int lxcStartup(int privileged)
     if ((lxc_driver->caps = lxcCapsInit(lxc_driver)) == NULL)
         goto cleanup;
 
+    if ((lxc_driver->activeUsbHostdevs = usbDeviceListNew()) == NULL)
+        goto cleanup;
+
     virLXCDomainSetPrivateDataHooks(lxc_driver->caps);
 
     if (virLXCProcessAutoDestroyInit(lxc_driver) < 0)
@@ -1548,6 +1552,8 @@ static int lxcShutdown(void)
     virDomainObjListDeinit(&lxc_driver->domains);
     virDomainEventStateFree(lxc_driver->domainEventState);
 
+    usbDeviceListFree(lxc_driver->activeUsbHostdevs);
+
     virLXCProcessAutoDestroyShutdown(lxc_driver);
 
     virCapabilitiesFree(lxc_driver->caps);
diff --git a/src/lxc/lxc_hostdev.c b/src/lxc/lxc_hostdev.c
new file mode 100644
index 0000000..c063aa0
--- /dev/null
+++ b/src/lxc/lxc_hostdev.c
@@ -0,0 +1,390 @@
+/*
+ * virLXC_hostdev.c: VIRLXC hostdev management
+ *
+ * Copyright (C) 2006-2007, 2009-2012 Red Hat, Inc.
+ * Copyright (C) 2006 Daniel P. Berrange
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library.  If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * Author: Daniel P. Berrange <berrange@xxxxxxxxxx>
+ */
+
+#include <config.h>
+
+#include "lxc_hostdev.h"
+#include "logging.h"
+#include "virterror_internal.h"
+#include "memory.h"
+
+#define VIR_FROM_THIS VIR_FROM_LXC
+
+int
+virLXCUpdateActiveUsbHostdevs(virLXCDriverPtr driver,
+                              virDomainDefPtr def)
+{
+    virDomainHostdevDefPtr hostdev = NULL;
+    size_t i;
+
+    if (!def->nhostdevs)
+        return 0;
+
+    for (i = 0; i < def->nhostdevs; i++) {
+        usbDevice *usb = NULL;
+        hostdev = def->hostdevs[i];
+
+        if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
+            continue;
+        if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
+            continue;
+
+        usb = usbGetDevice(hostdev->source.subsys.u.usb.bus,
+                           hostdev->source.subsys.u.usb.device,
+                           NULL);
+        if (!usb) {
+            VIR_WARN("Unable to reattach USB device %03d.%03d on domain %s",
+                     hostdev->source.subsys.u.usb.bus,
+                     hostdev->source.subsys.u.usb.device,
+                     def->name);
+            continue;
+        }
+
+        usbDeviceSetUsedBy(usb, def->name);
+
+        if (usbDeviceListAdd(driver->activeUsbHostdevs, usb) < 0) {
+            usbFreeDevice(usb);
+            return -1;
+        }
+    }
+
+    return 0;
+}
+
+
+int
+virLXCPrepareHostdevUSBDevices(virLXCDriverPtr driver,
+                               const char *name,
+                               usbDeviceList *list)
+{
+    size_t i, j;
+    unsigned int count;
+    usbDevice *tmp;
+
+    count = usbDeviceListCount(list);
+
+    for (i = 0; i < count; i++) {
+        usbDevice *usb = usbDeviceListGet(list, i);
+        if ((tmp = usbDeviceListFind(driver->activeUsbHostdevs, usb))) {
+            const char *other_name = usbDeviceGetUsedBy(tmp);
+
+            if (other_name)
+                virReportError(VIR_ERR_OPERATION_INVALID,
+                               _("USB device %s is in use by domain %s"),
+                               usbDeviceGetName(tmp), other_name);
+            else
+                virReportError(VIR_ERR_OPERATION_INVALID,
+                               _("USB device %s is already in use"),
+                               usbDeviceGetName(tmp));
+            goto error;
+        }
+
+        usbDeviceSetUsedBy(usb, name);
+        VIR_DEBUG("Adding %03d.%03d dom=%s to activeUsbHostdevs",
+                  usbDeviceGetBus(usb), usbDeviceGetDevno(usb), name);
+        /*
+         * The caller is responsible to steal these usb devices
+         * from the usbDeviceList that passed in on success,
+         * perform rollback on failure.
+         */
+        if (usbDeviceListAdd(driver->activeUsbHostdevs, usb) < 0)
+            goto error;
+    }
+    return 0;
+
+error:
+    for (j = 0; j < i; j++) {
+        tmp = usbDeviceListGet(list, i);
+        usbDeviceListSteal(driver->activeUsbHostdevs, tmp);
+    }
+    return -1;
+}
+
+int
+virLXCFindHostdevUSBDevice(virDomainHostdevDefPtr hostdev,
+                           bool mandatory,
+                           usbDevice **usb)
+{
+    unsigned vendor = hostdev->source.subsys.u.usb.vendor;
+    unsigned product = hostdev->source.subsys.u.usb.product;
+    unsigned bus = hostdev->source.subsys.u.usb.bus;
+    unsigned device = hostdev->source.subsys.u.usb.device;
+    bool autoAddress = hostdev->source.subsys.u.usb.autoAddress;
+    int rc;
+
+    *usb = NULL;
+
+    if (vendor && bus) {
+        rc = usbFindDevice(vendor, product, bus, device,
+                           NULL,
+                           autoAddress ? false : mandatory,
+                           usb);
+        if (rc < 0) {
+            return -1;
+        } else if (!autoAddress) {
+            goto out;
+        } else {
+            VIR_INFO("USB device %x:%x could not be found at previous"
+                     " address (bus:%u device:%u)",
+                     vendor, product, bus, device);
+        }
+    }
+
+    /* When vendor is specified, its USB address is either unspecified or the
+     * device could not be found at the USB device where it had been
+     * automatically found before.
+     */
+    if (vendor) {
+        usbDeviceList *devs;
+
+        rc = usbFindDeviceByVendor(vendor, product,
+                                   NULL,
+                                   mandatory, &devs);
+        if (rc < 0)
+            return -1;
+
+        if (rc == 1) {
+            *usb = usbDeviceListGet(devs, 0);
+            usbDeviceListSteal(devs, *usb);
+        }
+        usbDeviceListFree(devs);
+
+        if (rc == 0) {
+            goto out;
+        } else if (rc > 1) {
+            if (autoAddress) {
+                virReportError(VIR_ERR_OPERATION_FAILED,
+                               _("Multiple USB devices for %x:%x were found,"
+                                 " but none of them is at bus:%u device:%u"),
+                               vendor, product, bus, device);
+            } else {
+                virReportError(VIR_ERR_OPERATION_FAILED,
+                               _("Multiple USB devices for %x:%x, "
+                                 "use <address> to specify one"),
+                               vendor, product);
+            }
+            return -1;
+        }
+
+        hostdev->source.subsys.u.usb.bus = usbDeviceGetBus(*usb);
+        hostdev->source.subsys.u.usb.device = usbDeviceGetDevno(*usb);
+        hostdev->source.subsys.u.usb.autoAddress = true;
+
+        if (autoAddress) {
+            VIR_INFO("USB device %x:%x found at bus:%u device:%u (moved"
+                     " from bus:%u device:%u)",
+                     vendor, product,
+                     hostdev->source.subsys.u.usb.bus,
+                     hostdev->source.subsys.u.usb.device,
+                     bus, device);
+        }
+    } else if (!vendor && bus) {
+        if (usbFindDeviceByBus(bus, device,
+                               NULL,
+                               mandatory, usb) < 0)
+            return -1;
+    }
+
+out:
+    if (!*usb)
+        hostdev->missing = 1;
+    return 0;
+}
+
+static int
+virLXCPrepareHostUSBDevices(virLXCDriverPtr driver,
+                            virDomainDefPtr def)
+{
+    size_t i;
+    int ret = -1;
+    usbDeviceList *list;
+    usbDevice *tmp;
+    virDomainHostdevDefPtr *hostdevs = def->hostdevs;
+    int nhostdevs = def->nhostdevs;
+
+    /* To prevent situation where USB device is assigned to two domains
+     * we need to keep a list of currently assigned USB devices.
+     * This is done in several loops which cannot be joined into one big
+     * loop. See virLXCPrepareHostdevPCIDevices()
+     */
+    if (!(list = usbDeviceListNew()))
+        goto cleanup;
+
+    /* Loop 1: build temporary list
+     */
+    for (i = 0 ; i < nhostdevs ; i++) {
+        virDomainHostdevDefPtr hostdev = hostdevs[i];
+        bool required = true;
+        usbDevice *usb;
+
+        if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
+            continue;
+        if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
+            continue;
+
+        if (hostdev->startupPolicy == VIR_DOMAIN_STARTUP_POLICY_OPTIONAL)
+            required = false;
+
+        if (virLXCFindHostdevUSBDevice(hostdev, required, &usb) < 0)
+            goto cleanup;
+
+        if (usb && usbDeviceListAdd(list, usb) < 0) {
+            usbFreeDevice(usb);
+            goto cleanup;
+        }
+    }
+
+    /* Mark devices in temporary list as used by @name
+     * and add them do driver list. However, if something goes
+     * wrong, perform rollback.
+     */
+    if (virLXCPrepareHostdevUSBDevices(driver, def->name, list) < 0)
+        goto cleanup;
+
+    /* Loop 2: Temporary list was successfully merged with
+     * driver list, so steal all items to avoid freeing them
+     * in cleanup label.
+     */
+    while (usbDeviceListCount(list) > 0) {
+        tmp = usbDeviceListGet(list, 0);
+        usbDeviceListSteal(list, tmp);
+    }
+
+    ret = 0;
+
+cleanup:
+    usbDeviceListFree(list);
+    return ret;
+}
+
+
+int virLXCPrepareHostDevices(virLXCDriverPtr driver,
+                             virDomainDefPtr def)
+{
+    size_t i;
+
+    if (!def->nhostdevs)
+        return 0;
+
+    /* Sanity check for supported configurations only */
+    for (i = 0 ; i < def->nhostdevs ; i++) {
+        virDomainHostdevDefPtr dev = def->hostdevs[i];
+
+        switch (dev->mode) {
+        case VIR_DOMAIN_HOSTDEV_MODE_SUBSYS:
+            switch (dev->source.subsys.type) {
+            case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB:
+                break;
+            default:
+                virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                               _("Unsupported hostdev type %s"),
+                               virDomainHostdevSubsysTypeToString(dev->source.subsys.type));
+                break;
+            }
+            break;
+
+        default:
+            virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+                           _("Unsupported hostdev mode %s"),
+                           virDomainHostdevModeTypeToString(dev->mode));
+            break;
+        }
+    }
+
+    if (virLXCPrepareHostUSBDevices(driver, def) < 0)
+        return -1;
+
+    return 0;
+}
+
+
+static void
+virLXCDomainReAttachHostUsbDevices(virLXCDriverPtr driver,
+                                   const char *name,
+                                   virDomainHostdevDefPtr *hostdevs,
+                                   int nhostdevs)
+{
+    size_t i;
+
+    for (i = 0; i < nhostdevs; i++) {
+        virDomainHostdevDefPtr hostdev = hostdevs[i];
+        usbDevice *usb, *tmp;
+        const char *used_by = NULL;
+
+        if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
+            continue;
+        if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
+            continue;
+        if (hostdev->missing)
+            continue;
+
+        usb = usbGetDevice(hostdev->source.subsys.u.usb.bus,
+                           hostdev->source.subsys.u.usb.device,
+                           NULL);
+
+        if (!usb) {
+            VIR_WARN("Unable to reattach USB device %03d.%03d on domain %s",
+                     hostdev->source.subsys.u.usb.bus,
+                     hostdev->source.subsys.u.usb.device,
+                     name);
+            continue;
+        }
+
+        /* Delete only those USB devices which belongs
+         * to domain @name because virLXCProcessStart() might
+         * have failed because USB device is already taken.
+         * Therefore we want to steal only those devices from
+         * the list which were taken by @name */
+
+        tmp = usbDeviceListFind(driver->activeUsbHostdevs, usb);
+        usbFreeDevice(usb);
+
+        if (!tmp) {
+            VIR_WARN("Unable to find device %03d.%03d "
+                     "in list of active USB devices",
+                     hostdev->source.subsys.u.usb.bus,
+                     hostdev->source.subsys.u.usb.device);
+            continue;
+        }
+
+        used_by = usbDeviceGetUsedBy(tmp);
+        if (STREQ_NULLABLE(used_by, name)) {
+            VIR_DEBUG("Removing %03d.%03d dom=%s from activeUsbHostdevs",
+                      hostdev->source.subsys.u.usb.bus,
+                      hostdev->source.subsys.u.usb.device,
+                      name);
+
+            usbDeviceListDel(driver->activeUsbHostdevs, tmp);
+        }
+    }
+}
+
+void virLXCDomainReAttachHostDevices(virLXCDriverPtr driver,
+                                     virDomainDefPtr def)
+{
+    if (!def->nhostdevs)
+        return;
+
+    virLXCDomainReAttachHostUsbDevices(driver, def->name, def->hostdevs,
+                                     def->nhostdevs);
+}
diff --git a/src/lxc/lxc_hostdev.h b/src/lxc/lxc_hostdev.h
new file mode 100644
index 0000000..dd98112
--- /dev/null
+++ b/src/lxc/lxc_hostdev.h
@@ -0,0 +1,43 @@
+/*
+ * virLXC_hostdev.h: VIRLXC hostdev management
+ *
+ * Copyright (C) 2006-2007, 2009-2010 Red Hat, Inc.
+ * Copyright (C) 2006 Daniel P. Berrange
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library.  If not, see
+ * <http://www.gnu.org/licenses/>.
+ *
+ * Author: Daniel P. Berrange <berrange@xxxxxxxxxx>
+ */
+
+#ifndef __LXC_HOSTDEV_H__
+# define __LXC_HOSTDEV_H__
+
+# include "lxc_conf.h"
+# include "domain_conf.h"
+
+int virLXCUpdateActiveUsbHostdevs(virLXCDriverPtr driver,
+                                  virDomainDefPtr def);
+int virLXCFindHostdevUSBDevice(virDomainHostdevDefPtr hostdev,
+                               bool mandatory,
+                               usbDevice **usb);
+int virLXCPrepareHostdevUSBDevices(virLXCDriverPtr driver,
+                                   const char *name,
+                                   usbDeviceList *list);
+int virLXCPrepareHostDevices(virLXCDriverPtr driver,
+                             virDomainDefPtr def);
+void virLXCDomainReAttachHostDevices(virLXCDriverPtr driver,
+                                     virDomainDefPtr def);
+
+#endif /* __LXC_HOSTDEV_H__ */
diff --git a/src/lxc/lxc_process.c b/src/lxc/lxc_process.c
index 72e1be3..607e826 100644
--- a/src/lxc/lxc_process.c
+++ b/src/lxc/lxc_process.c
@@ -44,6 +44,7 @@
 #include "logging.h"
 #include "command.h"
 #include "hooks.h"
+#include "lxc_hostdev.h"
 
 #define VIR_FROM_THIS VIR_FROM_LXC
 
@@ -252,6 +253,8 @@ static void virLXCProcessCleanup(virLXCDriverPtr driver,
     vm->pid = -1;
     vm->def->id = -1;
 
+    virLXCDomainReAttachHostDevices(driver, vm->def);
+
     for (i = 0 ; i < vm->def->nnets ; i++) {
         virDomainNetDefPtr iface = vm->def->nets[i];
         vport = virDomainNetGetActualVirtPortProfile(iface);
@@ -973,6 +976,11 @@ int virLXCProcessStart(virConnectPtr conn,
             goto cleanup;
     }
 
+    /* Must be run before security labelling */
+    VIR_DEBUG("Preparing host devices");
+    if (virLXCPrepareHostDevices(driver, vm->def) < 0)
+        goto cleanup;
+
     /* Here we open all the PTYs we need on the host OS side.
      * The LXC controller will open the guest OS side PTYs
      * and forward I/O between them.
@@ -1298,6 +1306,9 @@ virLXCProcessReconnectDomain(void *payload, const void *name ATTRIBUTE_UNUSED, v
         if (!(priv->monitor = virLXCProcessConnectMonitor(driver, vm)))
             goto error;
 
+        if (virLXCUpdateActiveUsbHostdevs(driver, vm->def) < 0)
+            goto error;
+
         if (virSecurityManagerReserveLabel(driver->securityManager,
                                            vm->def, vm->pid) < 0)
             goto error;
-- 
1.8.0.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]