Skip to content

L
libvirt

openeuler / libvirt

通知 3
Star 0
Fork 0
L
libvirt
提交 9cd5da71 编写于 作者: P Peter Krempa
浏览文件
操作

util: cgroup: Drop virCgroup(Allow|Deny)DeviceMajor 

Since commit 47e5b5ae virCgroupAllowDevice allows to pass -1 as either
the minor or major device number and it automatically uses '*' in place
of that. Reuse the new approach through the code and drop the duplicated
functions.
上级 f42b5c32
隐藏空白更改
内联 并排
Showing with 6 addition and 110 deletion
src/libvirt_private.syms
浏览文件 @ 9cd5da71
...@@ -1189,7 +1189,6 @@ virCgroupAddTask; ...@@ -1189,7 +1189,6 @@ virCgroupAddTask;
virCgroupAddTaskController; virCgroupAddTaskController;
virCgroupAllowAllDevices; virCgroupAllowAllDevices;
virCgroupAllowDevice; virCgroupAllowDevice;
virCgroupAllowDeviceMajor;
virCgroupAllowDevicePath; virCgroupAllowDevicePath;
virCgroupAvailable; virCgroupAvailable;
virCgroupBindMount; virCgroupBindMount;
...@@ -1198,7 +1197,6 @@ virCgroupControllerTypeFromString; ...@@ -1198,7 +1197,6 @@ virCgroupControllerTypeFromString;
virCgroupControllerTypeToString; virCgroupControllerTypeToString;
virCgroupDenyAllDevices; virCgroupDenyAllDevices;
virCgroupDenyDevice; virCgroupDenyDevice;
virCgroupDenyDeviceMajor;
virCgroupDenyDevicePath; virCgroupDenyDevicePath;
virCgroupDetectMountsFromFile; virCgroupDetectMountsFromFile;
virCgroupFree; virCgroupFree;
......
src/lxc/lxc_cgroup.c
浏览文件 @ 9cd5da71
...@@ -466,8 +466,8 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, ...@@ -466,8 +466,8 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def,
} }
} }
if (virCgroupAllowDeviceMajor(cgroup, 'c', LXC_DEV_MAJ_PTY, if (virCgroupAllowDevice(cgroup, 'c', LXC_DEV_MAJ_PTY, -1,
VIR_CGROUP_DEVICE_RWM) < 0) VIR_CGROUP_DEVICE_RWM) < 0)
goto cleanup; goto cleanup;
VIR_DEBUG("Device whitelist complete"); VIR_DEBUG("Device whitelist complete");
......
src/qemu/qemu_cgroup.c
浏览文件 @ 9cd5da71
...@@ -558,8 +558,8 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver, ...@@ -558,8 +558,8 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
goto cleanup; goto cleanup;
} }
rv = virCgroupAllowDeviceMajor(priv->cgroup, 'c', DEVICE_PTY_MAJOR, rv = virCgroupAllowDevice(priv->cgroup, 'c', DEVICE_PTY_MAJOR, -1,
VIR_CGROUP_DEVICE_RW); VIR_CGROUP_DEVICE_RW);
virDomainAuditCgroupMajor(vm, priv->cgroup, "allow", DEVICE_PTY_MAJOR, virDomainAuditCgroupMajor(vm, priv->cgroup, "allow", DEVICE_PTY_MAJOR,
"pty", "rw", rv == 0); "pty", "rw", rv == 0);
if (rv < 0) if (rv < 0)
...@@ -576,8 +576,8 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver, ...@@ -576,8 +576,8 @@ qemuSetupDevicesCgroup(virQEMUDriverPtr driver,
((vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC && ((vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_VNC &&
cfg->vncAllowHostAudio) || cfg->vncAllowHostAudio) ||
(vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL))))) { (vm->def->graphics[0]->type == VIR_DOMAIN_GRAPHICS_TYPE_SDL))))) {
rv = virCgroupAllowDeviceMajor(priv->cgroup, 'c', DEVICE_SND_MAJOR, rv = virCgroupAllowDevice(priv->cgroup, 'c', DEVICE_SND_MAJOR, -1,
VIR_CGROUP_DEVICE_RW); VIR_CGROUP_DEVICE_RW);
virDomainAuditCgroupMajor(vm, priv->cgroup, "allow", DEVICE_SND_MAJOR, virDomainAuditCgroupMajor(vm, priv->cgroup, "allow", DEVICE_SND_MAJOR,
"sound", "rw", rv == 0); "sound", "rw", rv == 0);
if (rv < 0) if (rv < 0)
......
src/util/vircgroup.c
浏览文件 @ 9cd5da71
...@@ -2980,41 +2980,6 @@ virCgroupAllowDevice(virCgroupPtr group, char type, int major, int minor, ...@@ -2980,41 +2980,6 @@ virCgroupAllowDevice(virCgroupPtr group, char type, int major, int minor,
} }
/**
* virCgroupAllowDeviceMajor:
*
* @group: The cgroup to allow an entire device major type for
* @type: The device type (i.e., 'c' or 'b')
* @major: The major number of the device type
* @perms: Bitwise or of VIR_CGROUP_DEVICE permission bits to allow
*
* Returns: 0 on success
*/
int
virCgroupAllowDeviceMajor(virCgroupPtr group, char type, int major,
int perms)
{
int ret = -1;
char *devstr = NULL;
if (virAsprintf(&devstr, "%c %i:* %s", type, major,
virCgroupGetDevicePermsString(perms)) < 0)
goto cleanup;
if (virCgroupSetValueStr(group,
VIR_CGROUP_CONTROLLER_DEVICES,
"devices.allow",
devstr) < 0)
goto cleanup;
ret = 0;
cleanup:
VIR_FREE(devstr);
return ret;
}
/** /**
* virCgroupAllowDevicePath: * virCgroupAllowDevicePath:
* *
...@@ -3099,41 +3064,6 @@ virCgroupDenyDevice(virCgroupPtr group, char type, int major, int minor, ...@@ -3099,41 +3064,6 @@ virCgroupDenyDevice(virCgroupPtr group, char type, int major, int minor,
} }
/**
* virCgroupDenyDeviceMajor:
*
* @group: The cgroup to deny an entire device major type for
* @type: The device type (i.e., 'c' or 'b')
* @major: The major number of the device type
* @perms: Bitwise or of VIR_CGROUP_DEVICE permission bits to deny
*
* Returns: 0 on success
*/
int
virCgroupDenyDeviceMajor(virCgroupPtr group, char type, int major,
int perms)
{
int ret = -1;
char *devstr = NULL;
if (virAsprintf(&devstr, "%c %i:* %s", type, major,
virCgroupGetDevicePermsString(perms)) < 0)
goto cleanup;
if (virCgroupSetValueStr(group,
VIR_CGROUP_CONTROLLER_DEVICES,
"devices.deny",
devstr) < 0)
goto cleanup;
ret = 0;
cleanup:
VIR_FREE(devstr);
return ret;
}
int int
virCgroupDenyDevicePath(virCgroupPtr group, const char *path, int perms) virCgroupDenyDevicePath(virCgroupPtr group, const char *path, int perms)
{ {
...@@ -4704,18 +4634,6 @@ virCgroupAllowDevice(virCgroupPtr group ATTRIBUTE_UNUSED, ...@@ -4704,18 +4634,6 @@ virCgroupAllowDevice(virCgroupPtr group ATTRIBUTE_UNUSED,
} }
int
virCgroupAllowDeviceMajor(virCgroupPtr group ATTRIBUTE_UNUSED,
char type ATTRIBUTE_UNUSED,
int major ATTRIBUTE_UNUSED,
int perms ATTRIBUTE_UNUSED)
{
virReportSystemError(ENOSYS, "%s",
_("Control groups not supported on this platform"));
return -1;
}
int int
virCgroupAllowDevicePath(virCgroupPtr group ATTRIBUTE_UNUSED, virCgroupAllowDevicePath(virCgroupPtr group ATTRIBUTE_UNUSED,
const char *path ATTRIBUTE_UNUSED, const char *path ATTRIBUTE_UNUSED,
...@@ -4740,18 +4658,6 @@ virCgroupDenyDevice(virCgroupPtr group ATTRIBUTE_UNUSED, ...@@ -4740,18 +4658,6 @@ virCgroupDenyDevice(virCgroupPtr group ATTRIBUTE_UNUSED,
} }
int
virCgroupDenyDeviceMajor(virCgroupPtr group ATTRIBUTE_UNUSED,
char type ATTRIBUTE_UNUSED,
int major ATTRIBUTE_UNUSED,
int perms ATTRIBUTE_UNUSED)
{
virReportSystemError(ENOSYS, "%s",
_("Control groups not supported on this platform"));
return -1;
}
int int
virCgroupDenyDevicePath(virCgroupPtr group ATTRIBUTE_UNUSED, virCgroupDenyDevicePath(virCgroupPtr group ATTRIBUTE_UNUSED,
const char *path ATTRIBUTE_UNUSED, const char *path ATTRIBUTE_UNUSED,
......
src/util/vircgroup.h
浏览文件 @ 9cd5da71
...@@ -220,10 +220,6 @@ int virCgroupAllowDevice(virCgroupPtr group, ...@@ -220,10 +220,6 @@ int virCgroupAllowDevice(virCgroupPtr group,
int major, int major,
int minor, int minor,
int perms); int perms);
int virCgroupAllowDeviceMajor(virCgroupPtr group,
char type,
int major,
int perms);
int virCgroupAllowDevicePath(virCgroupPtr group, int virCgroupAllowDevicePath(virCgroupPtr group,
const char *path, const char *path,
int perms); int perms);
...@@ -233,10 +229,6 @@ int virCgroupDenyDevice(virCgroupPtr group, ...@@ -233,10 +229,6 @@ int virCgroupDenyDevice(virCgroupPtr group,
int major, int major,
int minor, int minor,
int perms); int perms);
int virCgroupDenyDeviceMajor(virCgroupPtr group,
char type,
int major,
int perms);
int virCgroupDenyDevicePath(virCgroupPtr group, int virCgroupDenyDevicePath(virCgroupPtr group,
const char *path, const char *path,
int perms); int perms);
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册