On Tue, Sep 18, 2018 at 5:45 PM, Pavel Hrdina <phrd...@redhat.com> wrote:
> Signed-off-by: Pavel Hrdina <phrd...@redhat.com> > Reviewed-by: Fabiano Fidêncio <fiden...@redhat.com> > --- > src/util/vircgroup.c | 18 ++---------------- > src/util/vircgroupbackend.h | 9 +++++++++ > src/util/vircgroupv1.c | 31 +++++++++++++++++++++++++++++++ > 3 files changed, 42 insertions(+), 16 deletions(-) > > diff --git a/src/util/vircgroup.c b/src/util/vircgroup.c > index 8a54437dfa..ca36984472 100644 > --- a/src/util/vircgroup.c > +++ b/src/util/vircgroup.c > @@ -1824,10 +1824,7 @@ virCgroupGetCpusetCpus(virCgroupPtr group, char > **cpus) > int > virCgroupDenyAllDevices(virCgroupPtr group) > { > - return virCgroupSetValueStr(group, > - VIR_CGROUP_CONTROLLER_DEVICES, > - "devices.deny", > - "a"); > + VIR_CGROUP_BACKEND_CALL(group, denyAllDevices, -1); > } > > /** > @@ -1847,18 +1844,7 @@ virCgroupDenyAllDevices(virCgroupPtr group) > int > virCgroupAllowAllDevices(virCgroupPtr group, int perms) > { > - int ret = -1; > - > - if (virCgroupAllowDevice(group, 'b', -1, -1, perms) < 0) > - goto cleanup; > - > - if (virCgroupAllowDevice(group, 'c', -1, -1, perms) < 0) > - goto cleanup; > - > - ret = 0; > - > - cleanup: > - return ret; > + VIR_CGROUP_BACKEND_CALL(group, allowAllDevices, -1, perms); > } > > > diff --git a/src/util/vircgroupbackend.h b/src/util/vircgroupbackend.h > index d7250cffdb..ce165fead4 100644 > --- a/src/util/vircgroupbackend.h > +++ b/src/util/vircgroupbackend.h > @@ -261,6 +261,13 @@ typedef int > int minor, > int perms); > > +typedef int > +(*virCgroupAllowAllDevicesCB)(virCgroupPtr group, > + int perms); > + > +typedef int > +(*virCgroupDenyAllDevicesCB)(virCgroupPtr group); > + > struct _virCgroupBackend { > virCgroupBackendType type; > > @@ -313,6 +320,8 @@ struct _virCgroupBackend { > > virCgroupAllowDeviceCB allowDevice; > virCgroupDenyDeviceCB denyDevice; > + virCgroupAllowAllDevicesCB allowAllDevices; > + virCgroupDenyAllDevicesCB denyAllDevices; > }; > typedef struct _virCgroupBackend virCgroupBackend; > typedef virCgroupBackend *virCgroupBackendPtr; > diff --git a/src/util/vircgroupv1.c b/src/util/vircgroupv1.c > index 9ac0ef555c..bd6914f878 100644 > --- a/src/util/vircgroupv1.c > +++ b/src/util/vircgroupv1.c > @@ -1731,6 +1731,35 @@ virCgroupV1DenyDevice(virCgroupPtr group, > } > > > +static int > +virCgroupV1AllowAllDevices(virCgroupPtr group, > + int perms) > +{ > + int ret = -1; > + > + if (virCgroupV1AllowDevice(group, 'b', -1, -1, perms) < 0) > + goto cleanup; > + > + if (virCgroupV1AllowDevice(group, 'c', -1, -1, perms) < 0) > + goto cleanup; > + > + ret = 0; > + > + cleanup: > + return ret; > +} > + > + > +static int > +virCgroupV1DenyAllDevices(virCgroupPtr group) > +{ > + return virCgroupSetValueStr(group, > + VIR_CGROUP_CONTROLLER_DEVICES, > + "devices.deny", > + "a"); > +} > + > + > virCgroupBackend virCgroupV1Backend = { > .type = VIR_CGROUP_BACKEND_TYPE_V1, > > @@ -1781,6 +1810,8 @@ virCgroupBackend virCgroupV1Backend = { > > .allowDevice = virCgroupV1AllowDevice, > .denyDevice = virCgroupV1DenyDevice, > + .allowAllDevices = virCgroupV1AllowAllDevices, > + .denyAllDevices = virCgroupV1DenyAllDevices, > }; > > > -- > 2.17.1 > > -- > libvir-list mailing list > libvir-list@redhat.com > https://www.redhat.com/mailman/listinfo/libvir-list >
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list