Add functions that will allow to set all the required cgroup stuff on
individual images taking a virStorageSourcePtr. Also convert functions
designed to setup whole backing chain to take advantage of the chagne.
---
src/qemu/qemu_cgroup.c | 92 +++++++++++++++++++++++++++++++-------------------
src/qemu/qemu_cgroup.h | 5 +++
2 files changed, 62 insertions(+), 35 deletions(-)
diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c
index a31558f..df46d61 100644
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -49,27 +49,37 @@ static const char *const defaultDeviceACL[] = {
#define DEVICE_PTY_MAJOR 136
#define DEVICE_SND_MAJOR 116
-static int
-qemuSetupDiskPathAllow(virDomainDiskDefPtr disk,
- const char *path,
- size_t depth ATTRIBUTE_UNUSED,
- void *opaque)
+int
+qemuSetupImageCgroup(virDomainObjPtr vm,
+ virStorageSourcePtr src,
+ bool readonly)
{
- virDomainObjPtr vm = opaque;
qemuDomainObjPrivatePtr priv = vm->privateData;
int ret;
- VIR_DEBUG("Process path %s for disk", path);
- ret = virCgroupAllowDevicePath(priv->cgroup, path,
- (disk->readonly ? VIR_CGROUP_DEVICE_READ
+ if (!virCgroupHasController(priv->cgroup,
+ VIR_CGROUP_CONTROLLER_DEVICES))
+ return 0;
+
+ if (!src->path ||
+ virStorageSourceGetActualType(src) == VIR_STORAGE_TYPE_NETWORK) {
+ VIR_DEBUG("Not updating cgroups for disk path '%s', type: %s",
+ NULLSTR(src->path), virStorageTypeToString(src->type));
+ return 0;
+ }
+
+ VIR_DEBUG("Process path %s for disk", src->path);
+
+ ret = virCgroupAllowDevicePath(priv->cgroup, src->path,
+ (readonly ? VIR_CGROUP_DEVICE_READ
: VIR_CGROUP_DEVICE_RW));
- virDomainAuditCgroupPath(vm, priv->cgroup, "allow", path,
- disk->readonly ? "r" : "rw", ret == 0);
+ virDomainAuditCgroupPath(vm, priv->cgroup, "allow", src->path,
+ readonly ? "r" : "rw", ret == 0);
/* Get this for root squash NFS */
if (ret < 0 &&
virLastErrorIsSystemErrno(EACCES)) {
- VIR_DEBUG("Ignoring EACCES for %s", path);
+ VIR_DEBUG("Ignoring EACCES for %s", src->path);
virResetLastError();
ret = 0;
}
@@ -81,38 +91,51 @@ int
qemuSetupDiskCgroup(virDomainObjPtr vm,
virDomainDiskDefPtr disk)
{
- qemuDomainObjPrivatePtr priv = vm->privateData;
+ virStorageSourcePtr next;
- if (!virCgroupHasController(priv->cgroup,
- VIR_CGROUP_CONTROLLER_DEVICES))
- return 0;
+ for (next = disk->src; next; next = next->backingStore) {
+ if (qemuSetupImageCgroup(vm, next, disk->readonly) < 0)
+ return -1;
- return virDomainDiskDefForeachPath(disk, true, qemuSetupDiskPathAllow, vm);
+ }
+
+ return 0;
}
-static int
-qemuTeardownDiskPathDeny(virDomainDiskDefPtr disk ATTRIBUTE_UNUSED,
- const char *path,
- size_t depth ATTRIBUTE_UNUSED,
- void *opaque)
+int
+qemuTeardownImageCgroup(virDomainObjPtr vm,
+ virStorageSourcePtr src)
{
- virDomainObjPtr vm = opaque;
qemuDomainObjPrivatePtr priv = vm->privateData;
int ret;
- VIR_DEBUG("Process path %s for disk", path);
- ret = virCgroupDenyDevicePath(priv->cgroup, path,
+ if (!virCgroupHasController(priv->cgroup,
+ VIR_CGROUP_CONTROLLER_DEVICES))
+ return 0;
+
+ if (!src->path ||
+ virStorageSourceGetActualType(src) == VIR_STORAGE_TYPE_NETWORK) {
+ VIR_DEBUG("Not updating cgroups for disk path '%s', type: %s",
+ NULLSTR(src->path), virStorageTypeToString(src->type));
+ return 0;
+ }
+
+ VIR_DEBUG("Process path %s for disk", src->path);
+
+ ret = virCgroupDenyDevicePath(priv->cgroup, src->path,
VIR_CGROUP_DEVICE_RWM);
- virDomainAuditCgroupPath(vm, priv->cgroup, "deny", path, "rwm", ret == 0);
+ virDomainAuditCgroupPath(vm, priv->cgroup, "deny", src->path,
+ "rwm", ret == 0);
/* Get this for root squash NFS */
if (ret < 0 &&
virLastErrorIsSystemErrno(EACCES)) {
- VIR_DEBUG("Ignoring EACCES for %s", path);
+ VIR_DEBUG("Ignoring EACCES for %s", src->path);
virResetLastError();
ret = 0;
}
+
return ret;
}
@@ -121,18 +144,17 @@ int
qemuTeardownDiskCgroup(virDomainObjPtr vm,
virDomainDiskDefPtr disk)
{
- qemuDomainObjPrivatePtr priv = vm->privateData;
+ virStorageSourcePtr next;
- if (!virCgroupHasController(priv->cgroup,
- VIR_CGROUP_CONTROLLER_DEVICES))
- return 0;
+ for (next = disk->src; next; next = next->backingStore) {
+ if (qemuTeardownImageCgroup(vm, next) < 0)
+ return -1;
+ }
- return virDomainDiskDefForeachPath(disk,
- true,
- qemuTeardownDiskPathDeny,
- vm);
+ return 0;
}
+
static int
qemuSetupChrSourceCgroup(virDomainDefPtr def ATTRIBUTE_UNUSED,
virDomainChrSourceDefPtr dev,
diff --git a/src/qemu/qemu_cgroup.h b/src/qemu/qemu_cgroup.h
index 14404d1..3ee081e 100644
--- a/src/qemu/qemu_cgroup.h
+++ b/src/qemu/qemu_cgroup.h
@@ -29,8 +29,13 @@
# include "domain_conf.h"
# include "qemu_conf.h"
+int qemuSetupImageCgroup(virDomainObjPtr vm,
+ virStorageSourcePtr src,
+ bool readonly);
int qemuSetupDiskCgroup(virDomainObjPtr vm,
virDomainDiskDefPtr disk);
+int qemuTeardownImageCgroup(virDomainObjPtr vm,
+ virStorageSourcePtr src);
int qemuTeardownDiskCgroup(virDomainObjPtr vm,
virDomainDiskDefPtr disk);
int qemuSetupHostdevCGroup(virDomainObjPtr vm,
--
1.9.3
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list