[PATCH V2 1/1] Add hw random number generator (/dev/hwrng) to cgroup ACL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

From: "Pradipta Kr. Banerjee" <bpradip@xxxxxxxxxx>

Creating a qemu VM with /dev/hwrng as backend RNG device throws the
following error - "Could not open '/dev/hwrng': Permission denied"
This patch fixes the issue

Signed-off-by: Pradipta Kr. Banerjee <bpradip@xxxxxxxxxx>
---
 src/qemu/qemu_cgroup.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index f0cacd0..8e2076e 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -533,6 +533,18 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
             goto cleanup;
     }
 
+    if (vm->def->rng &&
+        (vm->def->rng->backend == VIR_DOMAIN_RNG_BACKEND_RANDOM)) {
+            VIR_DEBUG("Setting Cgroup ACL for RNG device");
+            rv = virCgroupAllowDevicePath(priv->cgroup, vm->def->rng->source.file,
+                                           VIR_CGROUP_DEVICE_RW);
+            virDomainAuditCgroupPath(vm, priv->cgroup, "allow",
+                                      vm->def->rng->source.file, "rw", rv == 0);
+            if (rv < 0 &&
+                 !virLastErrorIsSystemErrno(ENOENT))
+                goto cleanup;
+    }
+
     ret = 0;
 cleanup:
     virObjectUnref(cfg);
-- 
1.8.3.1

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]