From bec9b9b01a9e61278cefc24ac9dd1e95bdac9d4f Mon Sep 17 00:00:00 2001
From: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
Date: Mon, 23 Jan 2017 19:06:29 +0530
Subject: [PATCH] util: Forbid assigning a pci-bridge to a guest

Non-endpoint devices like pci-bridges cannot be assigned to guests.
Prevent such attempts.

Signed-off-by: Shivaprasad G Bhat <sbhat@linux.vnet.ibm.com>
---
 src/util/virhostdev.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/util/virhostdev.c b/src/util/virhostdev.c
index 0673afb7b6..86ca8e0473 100644
--- a/src/util/virhostdev.c
+++ b/src/util/virhostdev.c
@@ -532,6 +532,17 @@ virHostdevPreparePCIDevices(virHostdevManagerPtr mgr,
         bool strict_acs_check = !!(flags & VIR_HOSTDEV_STRICT_ACS_CHECK);
         bool usesVFIO = (virPCIDeviceGetStubDriver(pci) == VIR_PCI_STUB_DRIVER_VFIO);
         struct virHostdevIsPCINodeDeviceUsedData data = { mgr, dom_name, usesVFIO };
+        int hdrType = -1;
+
+        if (virPCIGetHeaderType(pci, &hdrType) < 0)
+            goto cleanup;
+
+        if (hdrType != VIR_PCI_HEADER_ENDPOINT) {
+            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                           _("Non-endpoint PCI devices cannot be assigned "
+                             "to guests"));
+            goto cleanup;
+        }
 
         if (!usesVFIO && !virPCIDeviceIsAssignable(pci, strict_acs_check)) {
             virReportError(VIR_ERR_OPERATION_INVALID,
-- 
2.47.2