Re: Using cgroups in QEMU hooks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/17/21 5:45 AM, Melissa Nuño wrote:
Hi all,

I'm creating a device during the prepare hook, and would like to add it to the device.allow file for the VM. The cgroup doesn't exist during the prepare hook or the start hook and will fail with an "Operation not permitted" error. I can add the expected path to qemu.conf and restart libvirtd, but this isn't very flexible since I'd have to do it for each device for each VM I create. All of the other libvirt cgroups seem to allow all devices, so I'm not seeing where the VM cgroup is getting its initial list.

Is there a way to access the cgroup for a VM before it has started? I can't even predict where it should be since it contains the domain ID.


We've already sorted this out through IRC, but for future reference, the device in question was /dev/input device that was passed through via qemu:arg.

Anything that's under qemu:arg is opaque to libvirt, it's not inspected by libvirt in any way and thus if it happens to be a device that needs to be allowed in CGroups, well bad luck. What should be used is proper XML representation. If there is none, please do open an RFE as documented in command line passhtrough:

  https://libvirt.org/drvqemu.html#qemucommand

In this specific case, the following XML can be used:

  <input type='passthrough' bus='virtio'>
    <source evdev='/dev/input/XXX'/>
  </input>

However, what might be missing is that currently libvirt does not support 'grab_all=on,repeat=on'. But we should file an RFE for that.

Michal




[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux