From: Daniel P. Berrange Date: Wed, 28 Nov 2012 18:07:47 +0000 (+0000) Subject: Add support for misc host device passthrough with LXC X-Git-Tag: v1.0.2-rc1~399 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=83a9c93807646d30c6ad64e2ed87b93dc36a0cb6;p=thirdparty%2Flibvirt.git Add support for misc host device passthrough with LXC This extends support for host device passthrough with LXC to cover misc devices. In this case all we need todo is a mknod in the container's /dev and whitelist the device in cgroups Signed-off-by: Daniel P. Berrange --- diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c index 0c3d5dd69c..4fe23c1180 100644 --- a/src/lxc/lxc_cgroup.c +++ b/src/lxc/lxc_cgroup.c @@ -439,6 +439,13 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, VIR_CGROUP_DEVICE_MKNOD) < 0) goto cleanup; break; + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: + if (virCgroupAllowDevicePath(cgroup, + hostdev->source.caps.u.misc.chardev, + VIR_CGROUP_DEVICE_RW | + VIR_CGROUP_DEVICE_MKNOD) < 0) + goto cleanup; + break; default: break; } diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 6e5810ca34..da3eae1331 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1443,6 +1443,64 @@ cleanup: } +static int lxcContainerSetupHostdevCapsMisc(virDomainDefPtr vmDef ATTRIBUTE_UNUSED, + virDomainHostdevDefPtr def ATTRIBUTE_UNUSED, + const char *dstprefix ATTRIBUTE_UNUSED, + virSecurityManagerPtr securityDriver ATTRIBUTE_UNUSED) +{ + char *src = NULL; + int ret = -1; + struct stat sb; + mode_t mode; + + if (def->source.caps.u.misc.chardev == NULL) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Missing storage host block path")); + goto cleanup; + } + + if (virAsprintf(&src, "%s/%s", dstprefix, def->source.caps.u.misc.chardev) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (stat(src, &sb) < 0) { + virReportSystemError(errno, + _("Unable to access %s"), + src); + goto cleanup; + } + + if (!S_ISCHR(sb.st_mode)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Storage source %s must be a character device"), + def->source.caps.u.misc.chardev); + goto cleanup; + } + + mode = 0700 | S_IFCHR; + + VIR_DEBUG("Creating dev %s (%d,%d)", + def->source.caps.u.misc.chardev, + major(sb.st_rdev), minor(sb.st_rdev)); + if (mknod(def->source.caps.u.misc.chardev, mode, sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Unable to create device %s"), + def->source.caps.u.misc.chardev); + goto cleanup; + } + + if (virSecurityManagerSetHostdevLabel(securityDriver, vmDef, def, NULL) < 0) + goto cleanup; + + ret = 0; + +cleanup: + VIR_FREE(src); + return ret; +} + + static int lxcContainerSetupHostdevSubsys(virDomainDefPtr vmDef, virDomainHostdevDefPtr def, const char *dstprefix, @@ -1470,6 +1528,9 @@ static int lxcContainerSetupHostdevCaps(virDomainDefPtr vmDef, case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: return lxcContainerSetupHostdevCapsStorage(vmDef, def, dstprefix, securityDriver); + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: + return lxcContainerSetupHostdevCapsMisc(vmDef, def, dstprefix, securityDriver); + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Unsupported host device mode %s"),