diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 7d1f0093aea6271623230a095bf2a83cbbb3e7fa..8ed74eeef0e79955310940c8b79af90683bb8999 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -714,7 +714,7 @@ qemuInitCgroup(virQEMUDriverPtr driver, qemuDomainObjPrivatePtr priv = vm->privateData; virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver); - if (!cfg->privileged) + if (!virQEMUDriverIsPrivileged(driver)) goto done; if (!virCgroupAvailable()) @@ -745,7 +745,7 @@ qemuInitCgroup(virQEMUDriverPtr driver, if (virCgroupNewMachine(vm->def->name, "qemu", - cfg->privileged, + true, vm->def->uuid, NULL, vm->pid, @@ -844,7 +844,7 @@ qemuConnectCgroup(virQEMUDriverPtr driver, qemuDomainObjPrivatePtr priv = vm->privateData; int ret = -1; - if (!cfg->privileged) + if (!virQEMUDriverIsPrivileged(driver)) goto done; if (!virCgroupAvailable()) @@ -1247,22 +1247,17 @@ qemuRemoveCgroup(virQEMUDriverPtr driver, virDomainObjPtr vm) { qemuDomainObjPrivatePtr priv = vm->privateData; - virQEMUDriverConfigPtr cfg; if (priv->cgroup == NULL) return 0; /* Not supported, so claim success */ - cfg = virQEMUDriverGetConfig(driver); - if (virCgroupTerminateMachine(vm->def->name, "qemu", - cfg->privileged) < 0) { + virQEMUDriverIsPrivileged(driver)) < 0) { if (!virCgroupNewIgnoreError()) VIR_DEBUG("Failed to terminate cgroup for %s", vm->def->name); } - virObjectUnref(cfg); - return virCgroupRemove(priv->cgroup); } diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index b547dc8af3772bffeb65e7fc62b909fc3126c284..54446387845a9c0668a4c3b4b1b5c9ca82ae20f3 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -354,7 +354,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr def, if (net->backend.tap) { tunpath = net->backend.tap; - if (!cfg->privileged) { + if (!(virQEMUDriverIsPrivileged(driver))) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("cannot use custom tap device in session mode")); goto cleanup; @@ -381,7 +381,7 @@ qemuNetworkIfaceConnect(virDomainDefPtr def, tap_create_flags |= VIR_NETDEV_TAP_CREATE_VNET_HDR; } - if (cfg->privileged) { + if (virQEMUDriverIsPrivileged(driver)) { if (virNetDevTapCreateInBridgePort(brname, &net->ifname, &net->mac, def->uuid, tunpath, tapfd, *tapfdSize, virDomainNetGetActualVirtPortProfile(net), @@ -8362,7 +8362,8 @@ qemuBuildInterfaceCommandLine(virCommandPtr cmd, /* network and bridge use a tap device, and direct uses a * macvtap device */ - if (cfg->privileged && nicindexes && nnicindexes && net->ifname) { + if (virQEMUDriverIsPrivileged(driver) && nicindexes && nnicindexes && + net->ifname) { if (virNetDevGetIndex(net->ifname, &nicindex) < 0 || VIR_APPEND_ELEMENT(*nicindexes, *nnicindexes, nicindex) < 0) goto cleanup; @@ -8842,7 +8843,7 @@ qemuBuildCommandLine(virConnectPtr conn, emulator = def->emulator; - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { /* If we have no cgroups then we can have no tunings that * require them */ diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c index 16ae6abe91bddb6a8555765709e0acd07ea88ac4..d521886d7d285d8fa069474044450ee36c374853 100644 --- a/src/qemu/qemu_conf.c +++ b/src/qemu/qemu_conf.c @@ -164,7 +164,6 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged) if (!(cfg = virObjectNew(virQEMUDriverConfigClass))) return NULL; - cfg->privileged = privileged; cfg->uri = privileged ? "qemu:///system" : "qemu:///session"; if (privileged) { @@ -873,6 +872,12 @@ virQEMUDriverConfigPtr virQEMUDriverGetConfig(virQEMUDriverPtr driver) return conf; } +bool +virQEMUDriverIsPrivileged(virQEMUDriverPtr driver) +{ + return driver->privileged; +} + virDomainXMLOptionPtr virQEMUDriverCreateXMLConf(virQEMUDriverPtr driver) { diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h index 2ba4ce74720d7fbe1d0c2650b37d2cbce105f0c2..b74c2837e29e2f6fbf24a889096dc20ae7371c60 100644 --- a/src/qemu/qemu_conf.h +++ b/src/qemu/qemu_conf.h @@ -81,7 +81,6 @@ typedef virQEMUDriverConfig *virQEMUDriverConfigPtr; struct _virQEMUDriverConfig { virObject parent; - bool privileged; const char *uri; uid_t user; @@ -198,6 +197,9 @@ struct _virQEMUDriver { /* Atomic inc/dec only */ unsigned int nactive; + /* Immutable value */ + bool privileged; + /* Immutable pointers. Caller must provide locking */ virStateInhibitCallback inhibitCallback; void *inhibitOpaque; @@ -273,6 +275,7 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg, const char *filename); virQEMUDriverConfigPtr virQEMUDriverGetConfig(virQEMUDriverPtr driver); +bool virQEMUDriverIsPrivileged(virQEMUDriverPtr driver); virCapsPtr virQEMUDriverCreateCapabilities(virQEMUDriverPtr driver); virCapsPtr virQEMUDriverGetCapabilities(virQEMUDriverPtr driver, diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0682390e833e0971478e721ff36c36f715e1630a..dcd4029b9c0b64a9c3705cfdb10c07d89575d4b7 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -2045,7 +2045,7 @@ void qemuDomainObjCheckTaint(virQEMUDriverPtr driver, virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver); qemuDomainObjPrivatePtr priv = obj->privateData; - if (cfg->privileged && + if (virQEMUDriverIsPrivileged(driver) && (!cfg->clearEmulatorCapabilities || cfg->user == 0 || cfg->group == 0)) @@ -2189,7 +2189,7 @@ qemuDomainCreateLog(virQEMUDriverPtr driver, virDomainObjPtr vm, oflags = O_CREAT | O_WRONLY; /* Only logrotate files in /var/log, so only append if running privileged */ - if (cfg->privileged || append) + if (virQEMUDriverIsPrivileged(driver) || append) oflags |= O_APPEND; else oflags |= O_TRUNC; diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c index 10074e8f4f54fd31d036b7d0600bb01a31293b93..eb07b7a3a4199ea744eece173b2ffaa9d5f71da2 100644 --- a/src/qemu/qemu_driver.c +++ b/src/qemu/qemu_driver.c @@ -421,7 +421,7 @@ qemuSecurityInit(virQEMUDriverPtr driver) mgr = NULL; } - if (cfg->privileged) { + if (virQEMUDriverIsPrivileged(driver)) { if (!(mgr = virSecurityManagerNewDAC(QEMU_DRIVER_NAME, cfg->user, cfg->group, @@ -652,6 +652,8 @@ qemuStateInitialize(bool privileged, /* Don't have a dom0 so start from 1 */ qemu_driver->nextvmid = 1; + qemu_driver->privileged = privileged; + if (!(qemu_driver->domains = virDomainObjListNew())) goto error; @@ -871,7 +873,7 @@ qemuStateInitialize(bool privileged, hugepagePath); goto error; } - if (cfg->privileged) { + if (privileged) { if (virFileUpdatePerm(cfg->hugetlbfs[i].mnt_dir, 0, S_IXGRP | S_IXOTH) < 0) goto error; @@ -1161,7 +1163,7 @@ static virDrvOpenStatus qemuConnectOpen(virConnectPtr conn, goto cleanup; } - if (cfg->privileged) { + if (virQEMUDriverIsPrivileged(qemu_driver)) { if (STRNEQ(conn->uri->path, "/system") && STRNEQ(conn->uri->path, "/session")) { virReportError(VIR_ERR_INTERNAL_ERROR, @@ -8927,7 +8929,6 @@ static char *qemuDomainGetSchedulerType(virDomainPtr dom, virDomainObjPtr vm = NULL; qemuDomainObjPrivatePtr priv; virQEMUDriverPtr driver = dom->conn->privateData; - virQEMUDriverConfigPtr cfg = NULL; if (!(vm = qemuDomObjFromDomain(dom))) goto cleanup; @@ -8937,8 +8938,7 @@ static char *qemuDomainGetSchedulerType(virDomainPtr dom, if (virDomainGetSchedulerTypeEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - cfg = virQEMUDriverGetConfig(driver); - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", _("CPU tuning is not available in session mode")); goto cleanup; @@ -8969,7 +8969,6 @@ static char *qemuDomainGetSchedulerType(virDomainPtr dom, cleanup: virDomainObjEndAPI(&vm); - virObjectUnref(cfg); return ret; } @@ -9195,7 +9194,7 @@ qemuDomainSetBlkioParameters(virDomainPtr dom, if (virDomainSetBlkioParametersEnsureACL(dom->conn, vm->def, flags) < 0) goto cleanup; - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Block I/O tuning is not available in session mode")); goto cleanup; @@ -9367,7 +9366,6 @@ qemuDomainGetBlkioParameters(virDomainPtr dom, int ret = -1; virCapsPtr caps = NULL; qemuDomainObjPrivatePtr priv; - virQEMUDriverConfigPtr cfg = NULL; virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG | @@ -9386,8 +9384,7 @@ qemuDomainGetBlkioParameters(virDomainPtr dom, if (virDomainGetBlkioParametersEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - cfg = virQEMUDriverGetConfig(driver); - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("Block I/O tuning is not available in session mode")); goto cleanup; @@ -9762,7 +9759,6 @@ qemuDomainGetBlkioParameters(virDomainPtr dom, cleanup: virDomainObjEndAPI(&vm); virObjectUnref(caps); - virObjectUnref(cfg); return ret; } @@ -9810,7 +9806,7 @@ qemuDomainSetMemoryParameters(virDomainPtr dom, if (virDomainSetMemoryParametersEnsureACL(dom->conn, vm->def, flags) < 0) goto cleanup; - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", _("Memory tuning is not available in session mode")); goto cleanup; @@ -9937,7 +9933,6 @@ qemuDomainGetMemoryParameters(virDomainPtr dom, virDomainDefPtr persistentDef = NULL; int ret = -1; qemuDomainObjPrivatePtr priv; - virQEMUDriverConfigPtr cfg = NULL; unsigned long long swap_hard_limit, mem_hard_limit, mem_soft_limit; virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | @@ -9952,8 +9947,7 @@ qemuDomainGetMemoryParameters(virDomainPtr dom, if (virDomainGetMemoryParametersEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - cfg = virQEMUDriverGetConfig(driver); - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", _("Memory tuning is not available in session mode")); goto cleanup; @@ -10004,7 +9998,6 @@ qemuDomainGetMemoryParameters(virDomainPtr dom, cleanup: virDomainObjEndAPI(&vm); - virObjectUnref(cfg); return ret; } #undef QEMU_ASSIGN_MEM_PARAM @@ -10134,7 +10127,7 @@ qemuDomainSetNumaParameters(virDomainPtr dom, goto endjob; if (def) { - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_OPERATION_UNSUPPORTED, "%s", _("NUMA tuning is not available in session mode")); goto endjob; @@ -10382,7 +10375,7 @@ qemuDomainSetSchedulerParametersFlags(virDomainPtr dom, if (virDomainSetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def, flags) < 0) goto cleanup; - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("CPU tuning is not available in session mode")); goto cleanup; @@ -10676,7 +10669,6 @@ qemuDomainGetSchedulerParametersFlags(virDomainPtr dom, virDomainDefPtr persistentDef; virCapsPtr caps = NULL; qemuDomainObjPrivatePtr priv; - virQEMUDriverConfigPtr cfg = NULL; virCheckFlags(VIR_DOMAIN_AFFECT_LIVE | VIR_DOMAIN_AFFECT_CONFIG | @@ -10693,8 +10685,7 @@ qemuDomainGetSchedulerParametersFlags(virDomainPtr dom, if (virDomainGetSchedulerParametersFlagsEnsureACL(dom->conn, vm->def) < 0) goto cleanup; - cfg = virQEMUDriverGetConfig(driver); - if (!cfg->privileged) { + if (!virQEMUDriverIsPrivileged(driver)) { virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", _("CPU tuning is not available in session mode")); goto cleanup; @@ -10793,7 +10784,6 @@ qemuDomainGetSchedulerParametersFlags(virDomainPtr dom, cleanup: virDomainObjEndAPI(&vm); virObjectUnref(caps); - virObjectUnref(cfg); return ret; } diff --git a/tests/qemuxml2argvtest.c b/tests/qemuxml2argvtest.c index 56b18eb2e59c7e8ea297b68af53d78b511bc6cdb..be82dd2b9429664fda049650fa1a226e17ddcd86 100644 --- a/tests/qemuxml2argvtest.c +++ b/tests/qemuxml2argvtest.c @@ -486,8 +486,8 @@ mymain(void) driver.config = virQEMUDriverConfigNew(false); if (driver.config == NULL) return EXIT_FAILURE; - else - driver.config->privileged = true; + + driver.privileged = true; VIR_FREE(driver.config->spiceListen); VIR_FREE(driver.config->vncListen);