diff --git a/src/lxc/lxc_cgroup.c b/src/lxc/lxc_cgroup.c index 0987050bf73e45aae0fcf02f7b15e7a81c069be8..1dfa9a4bed2d7f060182ea3b4e42fc944776e8e9 100644 --- a/src/lxc/lxc_cgroup.c +++ b/src/lxc/lxc_cgroup.c @@ -463,7 +463,9 @@ static int virLXCCgroupSetupDeviceACL(virDomainDefPtr def, virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def, - pid_t initpid) + pid_t initpid, + size_t nnicindexes, + int *nicindexes) { virCgroupPtr cgroup = NULL; @@ -481,7 +483,7 @@ virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def, NULL, initpid, true, - 0, NULL, + nnicindexes, nicindexes, def->resource->partition, -1, &cgroup) < 0) diff --git a/src/lxc/lxc_cgroup.h b/src/lxc/lxc_cgroup.h index 31d6800dc78ae79de3139af493bb40b4e8f68204..e85f21c47dc66e2c5ccfadce3a834d7cf8f02797 100644 --- a/src/lxc/lxc_cgroup.h +++ b/src/lxc/lxc_cgroup.h @@ -28,7 +28,9 @@ # include "virusb.h" virCgroupPtr virLXCCgroupCreate(virDomainDefPtr def, - pid_t initpid); + pid_t initpid, + size_t nnicindexes, + int *nicindexes); virCgroupPtr virLXCCgroupJoin(virDomainDefPtr def); int virLXCCgroupSetup(virDomainDefPtr def, virCgroupPtr cgroup, diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index 03dff29cce355b5e42403dd13b9f358d99f8c682..8a7c7e8f1a0a3b0e40151308518b04a8117469cd 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -110,6 +110,9 @@ struct _virLXCController { size_t nveths; char **veths; + size_t nnicindexes; + int *nicindexes; + size_t npassFDs; int *passFDs; @@ -260,6 +263,7 @@ static void virLXCControllerFree(virLXCControllerPtr ctrl) for (i = 0; i < ctrl->nveths; i++) VIR_FREE(ctrl->veths[i]); VIR_FREE(ctrl->veths); + VIR_FREE(ctrl->nicindexes); for (i = 0; i < ctrl->npassFDs; i++) VIR_FORCE_CLOSE(ctrl->passFDs[i]); @@ -344,6 +348,51 @@ static int virLXCControllerValidateNICs(virLXCControllerPtr ctrl) } +static int virLXCControllerGetNICIndexes(virLXCControllerPtr ctrl) +{ + size_t i; + int ret = -1; + + VIR_DEBUG("Getting nic indexes"); + for (i = 0; i < ctrl->def->nnets; i++) { + int nicindex = -1; + switch (ctrl->def->nets[i]->type) { + case VIR_DOMAIN_NET_TYPE_BRIDGE: + case VIR_DOMAIN_NET_TYPE_NETWORK: + if (ctrl->def->nets[i]->ifname == NULL) + continue; + if (virNetDevGetIndex(ctrl->def->nets[i]->ifname, + &nicindex) < 0) + goto cleanup; + if (VIR_EXPAND_N(ctrl->nicindexes, + ctrl->nnicindexes, + 1) < 0) + goto cleanup; + VIR_DEBUG("Index %d for %s", nicindex, + ctrl->def->nets[i]->ifname); + ctrl->nicindexes[ctrl->nnicindexes-1] = nicindex; + break; + + case VIR_DOMAIN_NET_TYPE_USER: + case VIR_DOMAIN_NET_TYPE_ETHERNET: + case VIR_DOMAIN_NET_TYPE_VHOSTUSER: + case VIR_DOMAIN_NET_TYPE_SERVER: + case VIR_DOMAIN_NET_TYPE_CLIENT: + case VIR_DOMAIN_NET_TYPE_MCAST: + case VIR_DOMAIN_NET_TYPE_INTERNAL: + case VIR_DOMAIN_NET_TYPE_DIRECT: + case VIR_DOMAIN_NET_TYPE_HOSTDEV: + default: + break; + } + } + + ret = 0; + cleanup: + return ret; +} + + static int virLXCControllerValidateConsoles(virLXCControllerPtr ctrl) { if (ctrl->def->nconsoles != ctrl->nconsoles) { @@ -732,7 +781,9 @@ static int virLXCControllerSetupCgroupLimits(virLXCControllerPtr ctrl) nodeset = virDomainNumatuneGetNodeset(ctrl->def->numatune, auto_nodeset, -1); if (!(ctrl->cgroup = virLXCCgroupCreate(ctrl->def, - ctrl->initpid))) + ctrl->initpid, + ctrl->nnicindexes, + ctrl->nicindexes))) goto cleanup; if (virCgroupAddTask(ctrl->cgroup, getpid()) < 0) @@ -2494,6 +2545,9 @@ int main(int argc, char *argv[]) if (virLXCControllerValidateNICs(ctrl) < 0) goto cleanup; + if (virLXCControllerGetNICIndexes(ctrl) < 0) + goto cleanup; + if (virLXCControllerValidateConsoles(ctrl) < 0) goto cleanup;