From fd9a0368b91c425f860115c0451067ee917574d1 Mon Sep 17 00:00:00 2001
From: Pavel Hrdina <phrdina@redhat.com>
Date: Wed, 5 Sep 2018 20:10:02 +0200
Subject: [PATCH] vircgroup: extract virCgroupV1(Allow|Deny)AllDevices
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Reviewed-by: Fabiano FidÃªncio <fidencio@redhat.com>
Reviewed-by: JÃ¡n Tomko <jtomko@redhat.com>
Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
---
 src/util/vircgroup.c        | 18 ++----------------
 src/util/vircgroupbackend.h |  9 +++++++++
 src/util/vircgroupv1.c      | 31 +++++++++++++++++++++++++++++++
 3 files changed, 42 insertions(+), 16 deletions(-)

diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c
index f9fa3cffe3..5f161a95c6 100644
--- a/src/util/vircgroup.c
+++ b/src/util/vircgroup.c
@@ -1818,10 +1818,7 @@ virCgroupGetCpusetCpus(virCgroupPtr group, char **cpus)
 int
 virCgroupDenyAllDevices(virCgroupPtr group)
 {
-    return virCgroupSetValueStr(group,
-                                VIR_CGROUP_CONTROLLER_DEVICES,
-                                "devices.deny",
-                                "a");
+    VIR_CGROUP_BACKEND_CALL(group, denyAllDevices, -1);
 }
 
 /**
@@ -1841,18 +1838,7 @@ virCgroupDenyAllDevices(virCgroupPtr group)
 int
 virCgroupAllowAllDevices(virCgroupPtr group, int perms)
 {
-    int ret = -1;
-
-    if (virCgroupAllowDevice(group, 'b', -1, -1, perms) < 0)
-        goto cleanup;
-
-    if (virCgroupAllowDevice(group, 'c', -1, -1, perms) < 0)
-        goto cleanup;
-
-    ret = 0;
-
- cleanup:
-    return ret;
+    VIR_CGROUP_BACKEND_CALL(group, allowAllDevices, -1, perms);
 }
 
 
diff --git a/src/util/vircgroupbackend.h b/src/util/vircgroupbackend.h
index 04897b5895..436c83f6fa 100644
--- a/src/util/vircgroupbackend.h
+++ b/src/util/vircgroupbackend.h
@@ -269,6 +269,13 @@ typedef int
                          int minor,
                          int perms);
 
+typedef int
+(*virCgroupAllowAllDevicesCB)(virCgroupPtr group,
+                              int perms);
+
+typedef int
+(*virCgroupDenyAllDevicesCB)(virCgroupPtr group);
+
 struct _virCgroupBackend {
     virCgroupBackendType type;
 
@@ -321,6 +328,8 @@ struct _virCgroupBackend {
 
     virCgroupAllowDeviceCB allowDevice;
     virCgroupDenyDeviceCB denyDevice;
+    virCgroupAllowAllDevicesCB allowAllDevices;
+    virCgroupDenyAllDevicesCB denyAllDevices;
 };
 typedef struct _virCgroupBackend virCgroupBackend;
 typedef virCgroupBackend *virCgroupBackendPtr;
diff --git a/src/util/vircgroupv1.c b/src/util/vircgroupv1.c
index 7bac2542a5..1bded9208a 100644
--- a/src/util/vircgroupv1.c
+++ b/src/util/vircgroupv1.c
@@ -1736,6 +1736,35 @@ virCgroupV1DenyDevice(virCgroupPtr group,
 }
 
 
+static int
+virCgroupV1AllowAllDevices(virCgroupPtr group,
+                           int perms)
+{
+    int ret = -1;
+
+    if (virCgroupV1AllowDevice(group, 'b', -1, -1, perms) < 0)
+        goto cleanup;
+
+    if (virCgroupV1AllowDevice(group, 'c', -1, -1, perms) < 0)
+        goto cleanup;
+
+    ret = 0;
+
+ cleanup:
+    return ret;
+}
+
+
+static int
+virCgroupV1DenyAllDevices(virCgroupPtr group)
+{
+    return virCgroupSetValueStr(group,
+                                VIR_CGROUP_CONTROLLER_DEVICES,
+                                "devices.deny",
+                                "a");
+}
+
+
 virCgroupBackend virCgroupV1Backend = {
     .type = VIR_CGROUP_BACKEND_TYPE_V1,
 
@@ -1786,6 +1815,8 @@ virCgroupBackend virCgroupV1Backend = {
 
     .allowDevice = virCgroupV1AllowDevice,
     .denyDevice = virCgroupV1DenyDevice,
+    .allowAllDevices = virCgroupV1AllowAllDevices,
+    .denyAllDevices = virCgroupV1DenyAllDevices,
 };
 
 
-- 
2.47.3