hostdev has mode "capabilities" for LXC, from formatdomain.html:
"
Block / character devices from the host can be passed through to
the guest using the hostdev element.
This is only possible with container based virtualization.
since after 1.0.1 for LXC
"
So forbid capabilities mode hostdev if domain is not LXC.
The affected files are:
* src/libxl/libxl_domain.c
* src/openvz/openvz_driver.c
* src/qemu/qemu_domain.c
* src/uml/uml_driver.c
* src/xen/xen_driver.c
* src/xenapi/xenapi_driver.c
There are some drivers lack function devicesPostParseCallback(),
like: vbox, bhyve, and so on.
V3: move the hostdev checking to devicesPostParseCallback(),
this is more reasonable to check it in define phase, and
implement in each driver.
V2: move the hostdev checking to qemuBuildCommandLine().
Signed-off-by: Jincheng Miao <jmiao@xxxxxxxxxx>
---
src/libxl/libxl_domain.c | 8 ++++++++
src/openvz/openvz_driver.c | 9 +++++++++
src/qemu/qemu_domain.c | 9 +++++++++
src/uml/uml_driver.c | 9 +++++++++
src/xen/xen_driver.c | 9 +++++++++
src/xenapi/xenapi_driver.c | 9 +++++++++
6 files changed, 53 insertions(+)
diff --git a/src/libxl/libxl_domain.c b/src/libxl/libxl_domain.c
index 73242ac..96f3b88 100644
--- a/src/libxl/libxl_domain.c
+++ b/src/libxl/libxl_domain.c
@@ -485,6 +485,14 @@ libxlDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV) {
virDomainHostdevDefPtr hostdev = dev->data.hostdev;
+ /* forbid capabilities mode hostdev in this kind of hypervisor */
+ if (hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported capabilities mode hostdev in %s"),
+ virDomainVirtTypeToString(def->virtType));
+ return -1;
+ }
+
if (hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_SUBSYS &&
hostdev->source.subsys.type == VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI &&
hostdev->source.subsys.u.pci.backend == VIR_DOMAIN_HOSTDEV_PCI_BACKEND_DEFAULT)
diff --git a/src/openvz/openvz_driver.c b/src/openvz/openvz_driver.c
index 4c815ed..8635f50 100644
--- a/src/openvz/openvz_driver.c
+++ b/src/openvz/openvz_driver.c
@@ -113,6 +113,15 @@ openvzDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
dev->data.chr->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE)
dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_OPENVZ;
+ /* forbid capabilities mode hostdev in this kind of hypervisor */
+ if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
+ dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported capabilities mode hostdev in %s"),
+ virDomainVirtTypeToString(def->virtType));
+ return -1;
+ }
+
return 0;
}
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index e40c5ec..9c07385 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -940,6 +940,15 @@ qemuDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
dev->data.chr->source.data.nix.listen = true;
}
+ /* forbid capabilities mode hostdev in this kind of hypervisor */
+ if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
+ dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported capabilities mode hostdev in %s"),
+ virDomainVirtTypeToString(def->virtType));
+ goto cleanup;
+ }
+
ret = 0;
cleanup:
diff --git a/src/uml/uml_driver.c b/src/uml/uml_driver.c
index 5ccd443..9990fc0 100644
--- a/src/uml/uml_driver.c
+++ b/src/uml/uml_driver.c
@@ -430,6 +430,15 @@ umlDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
dev->data.chr->targetType == VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_NONE)
dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_UML;
+ /* forbid capabilities mode hostdev in this kind of hypervisor */
+ if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
+ dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported capabilities mode hostdev in %s"),
+ virDomainVirtTypeToString(def->virtType));
+ return -1;
+ }
+
return 0;
}
diff --git a/src/xen/xen_driver.c b/src/xen/xen_driver.c
index bd51909..9882bd4 100644
--- a/src/xen/xen_driver.c
+++ b/src/xen/xen_driver.c
@@ -343,6 +343,15 @@ xenDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
STRNEQ(def->os.type, "hvm"))
dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_XEN;
+ /* forbid capabilities mode hostdev in this kind of hypervisor */
+ if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
+ dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported capabilities mode hostdev in %s"),
+ virDomainVirtTypeToString(def->virtType));
+ return -1;
+ }
+
return 0;
}
diff --git a/src/xenapi/xenapi_driver.c b/src/xenapi/xenapi_driver.c
index 908448b..c2fe8a1 100644
--- a/src/xenapi/xenapi_driver.c
+++ b/src/xenapi/xenapi_driver.c
@@ -55,6 +55,15 @@ xenapiDomainDeviceDefPostParse(virDomainDeviceDefPtr dev,
STRNEQ(def->os.type, "hvm"))
dev->data.chr->targetType = VIR_DOMAIN_CHR_CONSOLE_TARGET_TYPE_XEN;
+ /* forbid capabilities mode hostdev in this kind of hypervisor */
+ if (dev->type == VIR_DOMAIN_DEVICE_HOSTDEV &&
+ dev->data.hostdev->mode == VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES) {
+ virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
+ _("Unsupported capabilities mode hostdev in %s"),
+ virDomainVirtTypeToString(def->virtType));
+ return -1;
+ }
+
return 0;
}
--
1.8.4.2
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list