From 83a9c93807646d30c6ad64e2ed87b93dc36a0cb6 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Wed, 28 Nov 2012 18:07:47 +0000 Subject: [PATCH] Add support for misc host device passthrough with LXC This extends support for host device passthrough with LXC to cover misc devices. In this case all we need todo is a mknod in the container's /dev and whitelist the device in cgroups Signed-off-by: Daniel P. Berrange --- src/lxc/lxc_cgroup.c | 7 +++++ src/lxc/lxc_container.c | 61 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 68 insertions(+) diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c index 0c3d5dd69c..4fe23c1180 100644 --- a/src/lxc/lxc_cgroup.c +++ b/src/lxc/lxc_cgroup.c @@ -439,6 +439,13 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, VIR_CGROUP_DEVICE_MKNOD) < 0) goto cleanup; break; + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: + if (virCgroupAllowDevicePath(cgroup, + hostdev->source.caps.u.misc.chardev, + VIR_CGROUP_DEVICE_RW | + VIR_CGROUP_DEVICE_MKNOD) < 0) + goto cleanup; + break; default: break; } diff --git a/src/lxc/lxc_container.c b/src/lxc/lxc_container.c index 6e5810ca34..da3eae1331 100644 --- a/src/lxc/lxc_container.c +++ b/src/lxc/lxc_container.c @@ -1443,6 +1443,64 @@ cleanup: } +static int lxcContainerSetupHostdevCapsMisc(virDomainDefPtr vmDef ATTRIBUTE_UNUSED, + virDomainHostdevDefPtr def ATTRIBUTE_UNUSED, + const char *dstprefix ATTRIBUTE_UNUSED, + virSecurityManagerPtr securityDriver ATTRIBUTE_UNUSED) +{ + char *src = NULL; + int ret = -1; + struct stat sb; + mode_t mode; + + if (def->source.caps.u.misc.chardev == NULL) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("Missing storage host block path")); + goto cleanup; + } + + if (virAsprintf(&src, "%s/%s", dstprefix, def->source.caps.u.misc.chardev) < 0) { + virReportOOMError(); + goto cleanup; + } + + if (stat(src, &sb) < 0) { + virReportSystemError(errno, + _("Unable to access %s"), + src); + goto cleanup; + } + + if (!S_ISCHR(sb.st_mode)) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("Storage source %s must be a character device"), + def->source.caps.u.misc.chardev); + goto cleanup; + } + + mode = 0700 | S_IFCHR; + + VIR_DEBUG("Creating dev %s (%d,%d)", + def->source.caps.u.misc.chardev, + major(sb.st_rdev), minor(sb.st_rdev)); + if (mknod(def->source.caps.u.misc.chardev, mode, sb.st_rdev) < 0) { + virReportSystemError(errno, + _("Unable to create device %s"), + def->source.caps.u.misc.chardev); + goto cleanup; + } + + if (virSecurityManagerSetHostdevLabel(securityDriver, vmDef, def, NULL) < 0) + goto cleanup; + + ret = 0; + +cleanup: + VIR_FREE(src); + return ret; +} + + static int lxcContainerSetupHostdevSubsys(virDomainDefPtr vmDef, virDomainHostdevDefPtr def, const char *dstprefix, @@ -1470,6 +1528,9 @@ static int lxcContainerSetupHostdevCaps(virDomainDefPtr vmDef, case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_STORAGE: return lxcContainerSetupHostdevCapsStorage(vmDef, def, dstprefix, securityDriver); + case VIR_DOMAIN_HOSTDEV_CAPS_TYPE_MISC: + return lxcContainerSetupHostdevCapsMisc(vmDef, def, dstprefix, securityDriver); + default: virReportError(VIR_ERR_CONFIG_UNSUPPORTED, _("Unsupported host device mode %s"), -- GitLab