qemu: Use namespaces iff available on the host kernel

So far the namespaces were turned on by default unconditionally. For all non-Linux platforms we provided stub functions that just ignored whatever namespaces setting there was in qemu.conf and returned 0 to indicate success. Moreover, we didn't really check if namespaces are available on the host kernel. This is suboptimal as we might have ignored user setting. Signed-off-by: N Michal Privoznik <mprivozn@redhat.com>

qemu: Use namespaces iff available on the host kernel
So far the namespaces were turned on by default unconditionally. For all non-Linux platforms we provided stub functions that just ignored whatever namespaces setting there was in qemu.conf and returned 0 to indicate success. Moreover, we didn't really check if namespaces are available on the host kernel. This is suboptimal as we might have ignored user setting. Signed-off-by: N Michal Privoznik <mprivozn@redhat.com>
49f326ed · Michal Privoznik · 41816751 · 49f326ed · 49f326ed
隐藏空白更改
内联并排

Showing with 15 addition and 26 deletion

src/qemu/qemu_conf.c src/qemu/qemu_conf.c +5 -1

src/qemu/qemu_domain.c src/qemu/qemu_domain.c +10 -25

未找到文件。
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -317,8 +317,12 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
    if (!(cfg->namespaces = virBitmapNew(QEMU_DOMAIN_NS_LAST)))
        goto error;

-    if (virBitmapSetBit(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT) < 0)
+#if defined(__linux__)
+    if (privileged &&
+        virProcessNamespaceAvailable(VIR_PROCESS_NAMESPACE_MNT) == 0 &&
+        virBitmapSetBit(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT) < 0)
        goto error;
+#endif /* defined(__linux__) */

 #ifdef DEFAULT_LOADER_NVRAM
    if (virFirmwareParseList(DEFAULT_LOADER_NVRAM,

--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -6879,7 +6879,6 @@ qemuDomainGetHostdevPath(virDomainHostdevDefPtr dev,
 }


-#if defined(__linux__)
 /**
 * qemuDomainGetPreservedMounts:
 *
@@ -7432,12 +7431,20 @@ qemuDomainCreateNamespace(virQEMUDriverPtr driver,
    virQEMUDriverConfigPtr cfg = virQEMUDriverGetConfig(driver);
    int ret = -1;

-    if (!virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT) ||
-        !virQEMUDriverIsPrivileged(driver)) {
+    if (!virBitmapIsBitSet(cfg->namespaces, QEMU_DOMAIN_NS_MOUNT)) {
        ret = 0;
        goto cleanup;
    }

+    if (!virQEMUDriverIsPrivileged(driver)) {
+        virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s",
+                       _("cannot use namespaces in session mode"));
+        goto cleanup;
+    }
+
+    if (virProcessNamespaceAvailable(VIR_PROCESS_NAMESPACE_MNT) < 0)
+        goto cleanup;
+
    if (qemuDomainEnableNamespace(vm, QEMU_DOMAIN_NS_MOUNT) < 0)
        goto cleanup;

@@ -7447,28 +7454,6 @@ qemuDomainCreateNamespace(virQEMUDriverPtr driver,
    return ret;
 }

-#else /* !defined(__linux__) */
-
-int
-qemuDomainBuildNamespace(virQEMUDriverPtr driver ATTRIBUTE_UNUSED,
-                         virDomainObjPtr vm ATTRIBUTE_UNUSED)
-{
-    /* Namespaces are Linux specific. On other platforms just
-     * carry on with the old behaviour. */
-    return 0;
-}
-
-
-int
-qemuDomainCreateNamespace(virQEMUDriverPtr driver ATTRIBUTE_UNUSED,
-                          virDomainObjPtr vm ATTRIBUTE_UNUSED)
-{
-    /* Namespaces are Linux specific. On other platforms just
-     * carry on with the old behaviour. */
-    return 0;
-}
-#endif /* !defined(__linux__) */
-

 struct qemuDomainAttachDeviceMknodData {
    virQEMUDriverPtr driver;