qemu: 'privileged' flag is not really configuration

The privileged flag will not change while the configuration might change. Make the 'privileged' flag member of the driver again and mark it immutable. Should that ever change add an accessor that will group reads of the state.

qemu: 'privileged' flag is not really configuration
The privileged flag will not change while the configuration might change. Make the 'privileged' flag member of the driver again and mark it immutable. Should that ever change add an accessor that will group reads of the state.
0b416434 · Peter Krempa · 58edccb4 · 0b416434 · 0b416434 · 0b416434
7 changed file
--- a/src/qemu/qemu_cgroup.c
+++ b/src/qemu/qemu_cgroup.c
@@ -714,7 +714,7 @@ qemuInitCgroup(virQEMUDriverPtr driver,
    qemuDomainObjPrivatePtr priv = vm->privateData;
    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);

-    if (!cfg->privileged)
+    if (!virQEMUDriverIsPrivileged(driver))
        goto done;

    if (!virCgroupAvailable())
@@ -745,7 +745,7 @@ qemuInitCgroup(virQEMUDriverPtr driver,

    if (virCgroupNewMachine(vm->def->name,
                            "qemu",
-                            cfg->privileged,
+                            true,
                            vm->def->uuid,
                            NULL,
                            vm->pid,
@@ -844,7 +844,7 @@ qemuConnectCgroup(virQEMUDriverPtr driver,
    qemuDomainObjPrivatePtr priv = vm->privateData;
    int ret = -1;

-    if (!cfg->privileged)
+    if (!virQEMUDriverIsPrivileged(driver))
        goto done;

    if (!virCgroupAvailable())
@@ -1247,22 +1247,17 @@ qemuRemoveCgroup(virQEMUDriverPtr driver,
                 virDomainObjPtr vm)
 {
    qemuDomainObjPrivatePtr priv = vm->privateData;
-    virQEMUDriverConfigPtr cfg;

    if (priv->cgroup == NULL)
        return 0; /* Not supported, so claim success */

-    cfg = virQEMUDriverGetConfig(driver);
-
    if (virCgroupTerminateMachine(vm->def->name,
                                  "qemu",
-                                  cfg->privileged) < 0) {
+                                  virQEMUDriverIsPrivileged(driver)) < 0) {
        if (!virCgroupNewIgnoreError())
            VIR_DEBUG("Failed to terminate cgroup for %s", vm->def->name);
    }

-    virObjectUnref(cfg);
-
    return virCgroupRemove(priv->cgroup);
 }


--- a/src/qemu/qemu_command.c
+++ b/src/qemu/qemu_command.c
@@ -354,7 +354,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr def,

    if (net->backend.tap) {
        tunpath = net->backend.tap;
-        if (!cfg->privileged) {
+        if (!(virQEMUDriverIsPrivileged(driver))) {
            virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                           _("cannot use custom tap device in session mode"));
            goto cleanup;
@@ -381,7 +381,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr def,
        tap_create_flags |= VIR_NETDEV_TAP_CREATE_VNET_HDR;
    }

-    if (cfg->privileged) {
+    if (virQEMUDriverIsPrivileged(driver)) {
        if (virNetDevTapCreateInBridgePort(brname, &net->ifname, &net->mac,
                                           def->uuid, tunpath, tapfd, *tapfdSize,
                                           virDomainNetGetActualVirtPortProfile(net),
@@ -8362,7 +8362,8 @@ qemuBuildInterfaceCommandLine(virCommandPtr cmd,
        /* network and bridge use a tap device, and direct uses a
         * macvtap device
         */
-        if (cfg->privileged && nicindexes && nnicindexes && net->ifname) {
+        if (virQEMUDriverIsPrivileged(driver) && nicindexes && nnicindexes &&
+            net->ifname) {
            if (virNetDevGetIndex(net->ifname, &nicindex) < 0 ||
                VIR_APPEND_ELEMENT(*nicindexes, *nnicindexes, nicindex) < 0)
                goto cleanup;
@@ -8842,7 +8843,7 @@ qemuBuildCommandLine(virConnectPtr conn,

    emulator = def->emulator;

-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        /* If we have no cgroups then we can have no tunings that
         * require them */


--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -164,7 +164,6 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
    if (!(cfg = virObjectNew(virQEMUDriverConfigClass)))
        return NULL;

-    cfg->privileged = privileged;
    cfg->uri = privileged ? "qemu:///system" : "qemu:///session";

    if (privileged) {
@@ -873,6 +872,12 @@ virQEMUDriverConfigPtr virQEMUDriverGetConfig(virQEMUDriverPtr driver)
    return conf;
 }

+bool
+virQEMUDriverIsPrivileged(virQEMUDriverPtr driver)
+{
+    return driver->privileged;
+}
+
 virDomainXMLOptionPtr
 virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver)
 {

--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -81,7 +81,6 @@ typedef virQEMUDriverConfig *virQEMUDriverConfigPtr;
 struct _virQEMUDriverConfig {
    virObject parent;

-    bool privileged;
    const char *uri;

    uid_t user;
@@ -198,6 +197,9 @@ struct _virQEMUDriver {
    /* Atomic inc/dec only */
    unsigned int nactive;

+    /* Immutable value */
+    bool privileged;
+
    /* Immutable pointers. Caller must provide locking */
    virStateInhibitCallback inhibitCallback;
    void *inhibitOpaque;
@@ -273,6 +275,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
                                const char *filename);

 virQEMUDriverConfigPtr virQEMUDriverGetConfig(virQEMUDriverPtr driver);
+bool virQEMUDriverIsPrivileged(virQEMUDriverPtr driver);

 virCapsPtr virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver);
 virCapsPtr virQEMUDriverGetCapabilities(virQEMUDriverPtr driver,

--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -2045,7 +2045,7 @@ void qemuDomainObjCheckTaint(virQEMUDriverPtr driver,
    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
    qemuDomainObjPrivatePtr priv = obj->privateData;

-    if (cfg->privileged &&
+    if (virQEMUDriverIsPrivileged(driver) &&
        (!cfg->clearEmulatorCapabilities ||
         cfg->user == 0 ||
         cfg->group == 0))
@@ -2189,7 +2189,7 @@ qemuDomainCreateLog(virQEMUDriverPtr driver, virDomainObjPtr vm,

    oflags = O_CREAT | O_WRONLY;
    /* Only logrotate files in /var/log, so only append if running privileged */
-    if (cfg->privileged || append)
+    if (virQEMUDriverIsPrivileged(driver) || append)
        oflags |= O_APPEND;
    else
        oflags |= O_TRUNC;

--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -421,7 +421,7 @@ qemuSecurityInit(virQEMUDriverPtr driver)
        mgr = NULL;
    }

-    if (cfg->privileged) {
+    if (virQEMUDriverIsPrivileged(driver)) {
        if (!(mgr = virSecurityManagerNewDAC(QEMU_DRIVER_NAME,
                                             cfg->user,
                                             cfg->group,
@@ -652,6 +652,8 @@ qemuStateInitialize(bool privileged,
    /* Don't have a dom0 so start from 1 */
    qemu_driver->nextvmid = 1;

+    qemu_driver->privileged = privileged;
+
    if (!(qemu_driver->domains = virDomainObjListNew()))
        goto error;

@@ -871,7 +873,7 @@ qemuStateInitialize(bool privileged,
                                 hugepagePath);
            goto error;
        }
-        if (cfg->privileged) {
+        if (privileged) {
            if (virFileUpdatePerm(cfg->hugetlbfs[i].mnt_dir,
                                  0, S_IXGRP | S_IXOTH) < 0)
                goto error;
@@ -1161,7 +1163,7 @@ static virDrvOpenStatus qemuConnectOpen(virConnectPtr conn,
            goto cleanup;
        }

-        if (cfg->privileged) {
+        if (virQEMUDriverIsPrivileged(qemu_driver)) {
            if (STRNEQ(conn->uri->path, "/system") &&
                STRNEQ(conn->uri->path, "/session")) {
                virReportError(VIR_ERR_INTERNAL_ERROR,
@@ -8927,7 +8929,6 @@ static char *qemuDomainGetSchedulerType(virDomainPtr dom,
    virDomainObjPtr vm = NULL;
    qemuDomainObjPrivatePtr priv;
    virQEMUDriverPtr driver = dom->conn->privateData;
-    virQEMUDriverConfigPtr cfg = NULL;

    if (!(vm = qemuDomObjFromDomain(dom)))
        goto cleanup;
@@ -8937,8 +8938,7 @@ static char *qemuDomainGetSchedulerType(virDomainPtr dom,
    if (virDomainGetSchedulerTypeEnsureACL(dom->conn, vm->def) < 0)
        goto cleanup;

-    cfg = virQEMUDriverGetConfig(driver);
-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
                       _("CPU tuning is not available in session mode"));
        goto cleanup;
@@ -8969,7 +8969,6 @@ static char *qemuDomainGetSchedulerType(virDomainPtr dom,

 cleanup:
    virDomainObjEndAPI(&vm);
-    virObjectUnref(cfg);
    return ret;
 }

@@ -9195,7 +9194,7 @@ qemuDomainSetBlkioParameters(virDomainPtr dom,
    if (virDomainSetBlkioParametersEnsureACL(dom->conn, vm->def, flags) < 0)
        goto cleanup;

-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                       _("Block I/O tuning is not available in session mode"));
        goto cleanup;
@@ -9367,7 +9366,6 @@ qemuDomainGetBlkioParameters(virDomainPtr dom,
    int ret = -1;
    virCapsPtr caps = NULL;
    qemuDomainObjPrivatePtr priv;
-    virQEMUDriverConfigPtr cfg = NULL;

    virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
                  VIR_DOMAIN_AFFECT_CONFIG |
@@ -9386,8 +9384,7 @@ qemuDomainGetBlkioParameters(virDomainPtr dom,
    if (virDomainGetBlkioParametersEnsureACL(dom->conn, vm->def) < 0)
        goto cleanup;

-    cfg = virQEMUDriverGetConfig(driver);
-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                       _("Block I/O tuning is not available in session mode"));
        goto cleanup;
@@ -9762,7 +9759,6 @@ qemuDomainGetBlkioParameters(virDomainPtr dom,
 cleanup:
    virDomainObjEndAPI(&vm);
    virObjectUnref(caps);
-    virObjectUnref(cfg);
    return ret;
 }

@@ -9810,7 +9806,7 @@ qemuDomainSetMemoryParameters(virDomainPtr dom,
    if (virDomainSetMemoryParametersEnsureACL(dom->conn, vm->def, flags) < 0)
        goto cleanup;

-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
                       _("Memory tuning is not available in session mode"));
        goto cleanup;
@@ -9937,7 +9933,6 @@ qemuDomainGetMemoryParameters(virDomainPtr dom,
    virDomainDefPtr persistentDef = NULL;
    int ret = -1;
    qemuDomainObjPrivatePtr priv;
-    virQEMUDriverConfigPtr cfg = NULL;
    unsigned long long swap_hard_limit, mem_hard_limit, mem_soft_limit;

    virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
@@ -9952,8 +9947,7 @@ qemuDomainGetMemoryParameters(virDomainPtr dom,
    if (virDomainGetMemoryParametersEnsureACL(dom->conn, vm->def) < 0)
        goto cleanup;

-    cfg = virQEMUDriverGetConfig(driver);
-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
                       _("Memory tuning is not available in session mode"));
        goto cleanup;
@@ -10004,7 +9998,6 @@ qemuDomainGetMemoryParameters(virDomainPtr dom,

 cleanup:
    virDomainObjEndAPI(&vm);
-    virObjectUnref(cfg);
    return ret;
 }
 #undef QEMU_ASSIGN_MEM_PARAM
@@ -10134,7 +10127,7 @@ qemuDomainSetNumaParameters(virDomainPtr dom,
        goto endjob;

    if (def) {
-        if (!cfg->privileged) {
+        if (!virQEMUDriverIsPrivileged(driver)) {
            virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s",
                           _("NUMA tuning is not available in session mode"));
            goto endjob;
@@ -10382,7 +10375,7 @@ qemuDomainSetSchedulerParametersFlags(virDomainPtr dom,
    if (virDomainSetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def, flags) < 0)
        goto cleanup;

-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                       _("CPU tuning is not available in session mode"));
        goto cleanup;
@@ -10676,7 +10669,6 @@ qemuDomainGetSchedulerParametersFlags(virDomainPtr dom,
    virDomainDefPtr persistentDef;
    virCapsPtr caps = NULL;
    qemuDomainObjPrivatePtr priv;
-    virQEMUDriverConfigPtr cfg = NULL;

    virCheckFlags(VIR_DOMAIN_AFFECT_LIVE |
                  VIR_DOMAIN_AFFECT_CONFIG |
@@ -10693,8 +10685,7 @@ qemuDomainGetSchedulerParametersFlags(virDomainPtr dom,
    if (virDomainGetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def) < 0)
        goto cleanup;

-    cfg = virQEMUDriverGetConfig(driver);
-    if (!cfg->privileged) {
+    if (!virQEMUDriverIsPrivileged(driver)) {
        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
                       _("CPU tuning is not available in session mode"));
        goto cleanup;
@@ -10793,7 +10784,6 @@ qemuDomainGetSchedulerParametersFlags(virDomainPtr dom,
 cleanup:
    virDomainObjEndAPI(&vm);
    virObjectUnref(caps);
-    virObjectUnref(cfg);
    return ret;
 }


--- a/tests/qemuxml2argvtest.c
+++ b/tests/qemuxml2argvtest.c
@@ -486,8 +486,8 @@ mymain(void)
    driver.config = virQEMUDriverConfigNew(false);
    if (driver.config == NULL)
        return EXIT_FAILURE;
-    else
-        driver.config->privileged = true;
+
+    driver.privileged = true;

    VIR_FREE(driver.config->spiceListen);
    VIR_FREE(driver.config->vncListen);